Action not permitted
Modal body text goes here.
cve-2020-11023
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T11:21:14.226Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-4693", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2020/dsa-4693" }, { "name": "FEDORA-2020-36d2db5f51", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "tags": [ "x_transferred" ], "url": "https://jquery.com/upgrade-guide/3.5/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20200511-0006/" }, { "tags": [ "x_transferred" ], "url": "https://www.drupal.org/sa-core-2020-002" }, { "tags": [ "x_transferred" ], "url": "https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6" }, { "tags": [ "x_transferred" ], "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released" }, { "name": "openSUSE-SU-2020:1060", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html" }, { "name": "GLSA-202007-03", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202007-03" }, { "name": "openSUSE-SU-2020:1106", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html" }, { "name": "[hive-issues] 20200813 [jira] [Assigned] (HIVE-24039) update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec%40%3Cissues.hive.apache.org%3E" }, { "name": "[hive-dev] 20200813 [jira] [Created] (HIVE-24039) update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248%40%3Cdev.hive.apache.org%3E" }, { "name": "[hive-issues] 20200813 [jira] [Updated] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15%40%3Cissues.hive.apache.org%3E" }, { "name": "[hive-gitbox] 20200813 [GitHub] [hive] rajkrrsingh opened a new pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c%40%3Cgitbox.hive.apache.org%3E" }, { "name": "[hive-issues] 20200902 [jira] [Work started] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea%40%3Cissues.hive.apache.org%3E" }, { "name": "[hive-issues] 20200902 [jira] [Commented] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9%40%3Cissues.hive.apache.org%3E" }, { "name": "[hive-issues] 20200902 [jira] [Assigned] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49%40%3Cissues.hive.apache.org%3E" }, { "name": "[hive-issues] 20200902 [jira] [Comment Edited] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7%40%3Cissues.hive.apache.org%3E" }, { "name": "[hive-issues] 20200904 [jira] [Assigned] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5%40%3Cissues.hive.apache.org%3E" }, { "name": "[hive-gitbox] 20200911 [GitHub] [hive] rajkrrsingh closed pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72%40%3Cgitbox.hive.apache.org%3E" }, { "name": "[hive-gitbox] 20200911 [GitHub] [hive] rajkrrsingh opened a new pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61%40%3Cgitbox.hive.apache.org%3E" }, { "name": "[hive-gitbox] 20200912 [GitHub] [hive] rajkrrsingh closed pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93%40%3Cgitbox.hive.apache.org%3E" }, { "name": "[hive-gitbox] 20200912 [GitHub] [hive] rajkrrsingh opened a new pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac%40%3Cgitbox.hive.apache.org%3E" }, { "name": "FEDORA-2020-fbb94073a1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/" }, { "name": "FEDORA-2020-0b32a59b54", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/" }, { "name": "[hive-issues] 20200915 [jira] [Resolved] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6%40%3Cissues.hive.apache.org%3E" }, { "name": "[hive-commits] 20200915 [hive] branch master updated: HIVE-24039 : Update jquery version to mitigate CVE-2020-11023 (#1403)", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9%40%3Ccommits.hive.apache.org%3E" }, { "name": "[hive-issues] 20200915 [jira] [Work logged] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1%40%3Cissues.hive.apache.org%3E" }, { "name": "[hive-gitbox] 20200915 [GitHub] [hive] kgyrtkirk merged pull request #1403: HIVE-24039 : Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c%40%3Cgitbox.hive.apache.org%3E" }, { "name": "[hive-issues] 20200915 [jira] [Updated] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb%40%3Cissues.hive.apache.org%3E" }, { "name": "FEDORA-2020-fe94df8c34", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/" }, { "name": "[nifi-commits] 20200930 svn commit: r1882168 - /nifi/site/trunk/security.html", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679%40%3Ccommits.nifi.apache.org%3E" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "name": "[flink-issues] 20201105 [jira] [Created] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3Cissues.flink.apache.org%3E" }, { "name": "[flink-dev] 20201105 [jira] [Created] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3Cdev.flink.apache.org%3E" }, { "name": "openSUSE-SU-2020:1888", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html" }, { "name": "[flink-issues] 20201129 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3Cissues.flink.apache.org%3E" }, { "name": "[felix-dev] 20201208 [jira] [Created] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330%40%3Cdev.felix.apache.org%3E" }, { "name": "[felix-dev] 20201208 [jira] [Updated] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16%40%3Cdev.felix.apache.org%3E" }, { "name": "[felix-dev] 20201208 [GitHub] [felix-dev] cziegeler merged pull request #64: FELIX-6366 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef%40%3Cdev.felix.apache.org%3E" }, { "name": "[felix-dev] 20201208 [GitHub] [felix-dev] abhishekgarg18 opened a new pull request #64: FELIX-6366 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6%40%3Cdev.felix.apache.org%3E" }, { "name": "[felix-dev] 20201208 [jira] [Commented] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e%40%3Cdev.felix.apache.org%3E" }, { "name": "[felix-dev] 20201208 [jira] [Assigned] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817%40%3Cdev.felix.apache.org%3E" }, { "name": "[felix-commits] 20201208 [felix-dev] branch master updated: FELIX-6366 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023 (#64)", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c%40%3Ccommits.felix.apache.org%3E" }, { "name": "[felix-dev] 20201208 [jira] [Updated] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.5.0 is vulnerable to CVE-2020-11023", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494%40%3Cdev.felix.apache.org%3E" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "name": "[flink-issues] 20210209 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3Cissues.flink.apache.org%3E" }, { "name": "[flink-issues] 20210209 [jira] [Comment Edited] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3Cissues.flink.apache.org%3E" }, { "name": "[debian-lts-announce] 20210326 [SECURITY] [DLA 2608-1] jquery security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html" }, { "name": "[flink-issues] 20210422 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3Cissues.flink.apache.org%3E" }, { "name": "[flink-issues] 20210422 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3Cissues.flink.apache.org%3E" }, { "name": "[flink-issues] 20210429 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3Cissues.flink.apache.org%3E" }, { "name": "[flink-issues] 20210429 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3Cissues.flink.apache.org%3E" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "tags": [ "x_transferred" ], "url": "https://www.tenable.com/security/tns-2021-10" }, { "tags": [ "x_transferred" ], "url": "https://www.tenable.com/security/tns-2021-02" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "name": "[flink-issues] 20211031 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3Cissues.flink.apache.org%3E" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "name": "[debian-lts-announce] 20230831 [SECURITY] [DLA 3551-1] otrs2 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "jQuery", "vendor": "jquery", "versions": [ { "status": "affected", "version": "\u003e= 1.0.3, \u003c 3.5.0" } ] } ], "descriptions": [ { "lang": "en", "value": "In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing \u003coption\u003e elements from untrusted sources - even after sanitizing it - to one of jQuery\u0027s DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-31T02:06:42.262615", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "DSA-4693", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2020/dsa-4693" }, { "name": "FEDORA-2020-36d2db5f51", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/" }, { "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "url": "https://jquery.com/upgrade-guide/3.5/" }, { "url": "https://security.netapp.com/advisory/ntap-20200511-0006/" }, { "url": "https://www.drupal.org/sa-core-2020-002" }, { "url": "https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6" }, { "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released" }, { "name": "openSUSE-SU-2020:1060", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html" }, { "name": "GLSA-202007-03", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202007-03" }, { "name": "openSUSE-SU-2020:1106", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html" }, { "name": "[hive-issues] 20200813 [jira] [Assigned] (HIVE-24039) update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec%40%3Cissues.hive.apache.org%3E" }, { "name": "[hive-dev] 20200813 [jira] [Created] (HIVE-24039) update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248%40%3Cdev.hive.apache.org%3E" }, { "name": "[hive-issues] 20200813 [jira] [Updated] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15%40%3Cissues.hive.apache.org%3E" }, { "name": "[hive-gitbox] 20200813 [GitHub] [hive] rajkrrsingh opened a new pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c%40%3Cgitbox.hive.apache.org%3E" }, { "name": "[hive-issues] 20200902 [jira] [Work started] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea%40%3Cissues.hive.apache.org%3E" }, { "name": "[hive-issues] 20200902 [jira] [Commented] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9%40%3Cissues.hive.apache.org%3E" }, { "name": "[hive-issues] 20200902 [jira] [Assigned] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49%40%3Cissues.hive.apache.org%3E" }, { "name": "[hive-issues] 20200902 [jira] [Comment Edited] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7%40%3Cissues.hive.apache.org%3E" }, { "name": "[hive-issues] 20200904 [jira] [Assigned] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5%40%3Cissues.hive.apache.org%3E" }, { "name": "[hive-gitbox] 20200911 [GitHub] [hive] rajkrrsingh closed pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72%40%3Cgitbox.hive.apache.org%3E" }, { "name": "[hive-gitbox] 20200911 [GitHub] [hive] rajkrrsingh opened a new pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61%40%3Cgitbox.hive.apache.org%3E" }, { "name": "[hive-gitbox] 20200912 [GitHub] [hive] rajkrrsingh closed pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93%40%3Cgitbox.hive.apache.org%3E" }, { "name": "[hive-gitbox] 20200912 [GitHub] [hive] rajkrrsingh opened a new pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac%40%3Cgitbox.hive.apache.org%3E" }, { "name": "FEDORA-2020-fbb94073a1", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/" }, { "name": "FEDORA-2020-0b32a59b54", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/" }, { "name": "[hive-issues] 20200915 [jira] [Resolved] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6%40%3Cissues.hive.apache.org%3E" }, { "name": "[hive-commits] 20200915 [hive] branch master updated: HIVE-24039 : Update jquery version to mitigate CVE-2020-11023 (#1403)", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9%40%3Ccommits.hive.apache.org%3E" }, { "name": "[hive-issues] 20200915 [jira] [Work logged] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1%40%3Cissues.hive.apache.org%3E" }, { "name": "[hive-gitbox] 20200915 [GitHub] [hive] kgyrtkirk merged pull request #1403: HIVE-24039 : Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c%40%3Cgitbox.hive.apache.org%3E" }, { "name": "[hive-issues] 20200915 [jira] [Updated] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb%40%3Cissues.hive.apache.org%3E" }, { "name": "FEDORA-2020-fe94df8c34", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/" }, { "name": "[nifi-commits] 20200930 svn commit: r1882168 - /nifi/site/trunk/security.html", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679%40%3Ccommits.nifi.apache.org%3E" }, { "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "name": "[flink-issues] 20201105 [jira] [Created] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3Cissues.flink.apache.org%3E" }, { "name": "[flink-dev] 20201105 [jira] [Created] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3Cdev.flink.apache.org%3E" }, { "name": "openSUSE-SU-2020:1888", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html" }, { "name": "[flink-issues] 20201129 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3Cissues.flink.apache.org%3E" }, { "name": "[felix-dev] 20201208 [jira] [Created] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330%40%3Cdev.felix.apache.org%3E" }, { "name": "[felix-dev] 20201208 [jira] [Updated] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16%40%3Cdev.felix.apache.org%3E" }, { "name": "[felix-dev] 20201208 [GitHub] [felix-dev] cziegeler merged pull request #64: FELIX-6366 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef%40%3Cdev.felix.apache.org%3E" }, { "name": "[felix-dev] 20201208 [GitHub] [felix-dev] abhishekgarg18 opened a new pull request #64: FELIX-6366 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6%40%3Cdev.felix.apache.org%3E" }, { "name": "[felix-dev] 20201208 [jira] [Commented] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e%40%3Cdev.felix.apache.org%3E" }, { "name": "[felix-dev] 20201208 [jira] [Assigned] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817%40%3Cdev.felix.apache.org%3E" }, { "name": "[felix-commits] 20201208 [felix-dev] branch master updated: FELIX-6366 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023 (#64)", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c%40%3Ccommits.felix.apache.org%3E" }, { "name": "[felix-dev] 20201208 [jira] [Updated] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.5.0 is vulnerable to CVE-2020-11023", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494%40%3Cdev.felix.apache.org%3E" }, { "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "name": "[flink-issues] 20210209 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3Cissues.flink.apache.org%3E" }, { "name": "[flink-issues] 20210209 [jira] [Comment Edited] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3Cissues.flink.apache.org%3E" }, { "name": "[debian-lts-announce] 20210326 [SECURITY] [DLA 2608-1] jquery security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html" }, { "name": "[flink-issues] 20210422 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3Cissues.flink.apache.org%3E" }, { "name": "[flink-issues] 20210422 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3Cissues.flink.apache.org%3E" }, { "name": "[flink-issues] 20210429 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3Cissues.flink.apache.org%3E" }, { "name": "[flink-issues] 20210429 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3Cissues.flink.apache.org%3E" }, { "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "url": "https://www.tenable.com/security/tns-2021-10" }, { "url": "https://www.tenable.com/security/tns-2021-02" }, { "url": "http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html" }, { "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "name": "[flink-issues] 20211031 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3Cissues.flink.apache.org%3E" }, { "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "name": "[debian-lts-announce] 20230831 [SECURITY] [DLA 3551-1] otrs2 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html" } ], "source": { "advisory": "GHSA-jpcq-cgw6-v4j6", "discovery": "UNKNOWN" }, "title": "Potential XSS vulnerability in jQuery" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2020-11023", "datePublished": "2020-04-29T00:00:00", "dateReserved": "2020-03-30T00:00:00", "dateUpdated": "2024-08-04T11:21:14.226Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2020-11023\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2020-04-29T21:15:11.743\",\"lastModified\":\"2023-11-07T03:14:27.553\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing \u003coption\u003e elements from untrusted sources - even after sanitizing it - to one of jQuery\u0027s DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.\"},{\"lang\":\"es\",\"value\":\"En jQuery versiones mayores o iguales a 1.0.3 y anteriores a la versi\u00f3n 3.5.0, passing HTML contiene elementos de fuentes no seguras \u2013 incluso despu\u00e9s de sanearlo \u2013 para uno de los m\u00e9todos de manipulaci\u00f3n de jQuery \u00b4s DOM ( i.e. html t(), adjunto (), y otros ) podr\u00edan ejecutar c\u00f3digos no seguros. Este problema est\u00e1 corregido en JQuery 3.5.0.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7},{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\",\"baseScore\":6.9,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":1.6,\"impactScore\":4.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\",\"baseScore\":4.3},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.0.3\",\"versionEndExcluding\":\"3.5.0\",\"matchCriteriaId\":\"1888A4D3-5058-41FC-9F3B-E837CFC0505C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F0FA5D-8D3B-4C0E-81E2-87998286AF33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36D96259-24BD-44E2-96D9-78CE1D41F956\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E460AA51-FCDA-46B9-AE97-E6676AA5E194\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0\",\"versionEndExcluding\":\"7.70\",\"matchCriteriaId\":\"70C672EE-2027-4A29-8C14-3450DEF1462A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.7.0\",\"versionEndExcluding\":\"8.7.14\",\"matchCriteriaId\":\"BBFE42E2-6583-4EBE-B320-B8CF9CA0C3BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.8.0\",\"versionEndExcluding\":\"8.8.6\",\"matchCriteriaId\":\"7BA49DB0-ECC3-4155-B76C-0CA292600DE6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"20.2\",\"matchCriteriaId\":\"96FC5AC6-88AC-4C4D-8692-7489D6DE8E16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A125E817-F974-4509-872C-B71933F42AD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_enterprise_collections:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.7.0\",\"versionEndIncluding\":\"2.8.0\",\"matchCriteriaId\":\"660DB443-6250-4956-ABD1-C6A522B8DCCA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.4.0\",\"versionEndIncluding\":\"2.10.0\",\"matchCriteriaId\":\"3625D477-1338-46CB-90B1-7291D617DC39\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:business_intelligence:5.9.0.0.0:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"B602F9E8-1580-436C-A26D-6E6F8121A583\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_analytics:12.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55D98C27-734F-490B-92D5-251805C841B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.4.0\",\"matchCriteriaId\":\"1A0E3537-CB5A-40BF-B42C-CED9211B8892\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C57FD3A-0CC1-4BA9-879A-8C4A40234162\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"698FB6D0-B26F-4760-9B9B-1C65FBFF2126\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F1D64BC-17BF-4DAE-B5FC-BC41F9C12DFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_interactive_session_recorder:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.1\",\"versionEndIncluding\":\"6.4\",\"matchCriteriaId\":\"324821D1-6A7A-4D46-A1C5-03D688F7A32A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.1\",\"versionEndIncluding\":\"4.3\",\"matchCriteriaId\":\"9264AF8A-3819-40E5-BBCB-3B6C95A0D828\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D52F557F-D0A0-43D3-85F1-F10B6EBFAEDF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"062E4E7C-55BB-46F3-8B61-5A663B565891\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB43DFD4-D058-4001-BD19-488E059F4532\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"086E2E5C-44EB-4C07-B298-C04189533996\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA77B994-3872-4059-854B-0974AA5593D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5682DAEB-3810-4541-833A-568C868BCE0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01BC9AED-F81D-4344-AD97-EEF19B6EA8C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8198E762-9AD9-452B-B1AF-516E52436B7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_de_nederlandsche_bank:8.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51DB64CA-8953-43BB-AEA9-D0D7E91E9FE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CCE1968-016C-43C1-9EE1-FD9F978B688F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B5DBF4C-84BB-4537-BD8D-E10C5A4B69F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:health_sciences_inform:6.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52893362-272A-4AED-9167-6613C2E86385\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:healthcare_translational_research:3.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1F726C6-EA5A-40FF-8809-4F48E4AE6976\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:healthcare_translational_research:3.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD7C26E3-BB0D-4218-8176-319AEA2925C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:healthcare_translational_research:3.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD67072F-3CFC-480D-9360-81A05D523318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:healthcare_translational_research:3.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"652E762A-BCDD-451E-9DE3-F1555C1E4B16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:hyperion_financial_reporting:11.1.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A6675A3-684B-4486-A451-C6688F1C821B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.2.5.0\",\"matchCriteriaId\":\"3D4EF35F-B239-4820-936F-0FA51DECA8A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.2.5.0\",\"matchCriteriaId\":\"ABEF6749-518B-4D0F-8EA6-40E9FBE4CE0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:oss_support_tools:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.12.41\",\"matchCriteriaId\":\"61B4D874-CCF2-4C78-A823-69A62FA1F6C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_human_capital_management_resources:9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0502309-C0D6-4530-9D92-F10B3B36DE14\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.2\",\"versionEndIncluding\":\"16.2.11\",\"matchCriteriaId\":\"1CB8F81A-D028-4258-9A4F-ADEE25BE95FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.12.0\",\"versionEndIncluding\":\"17.12.7\",\"matchCriteriaId\":\"E4AA3854-C9FD-4287-85A0-EE7907D1E1ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"18.8.0\",\"versionEndIncluding\":\"18.8.9\",\"matchCriteriaId\":\"E8CD4002-F310-4BE4-AF7B-4BCCB17DA6FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"19.12.0\",\"versionEndIncluding\":\"19.12.4\",\"matchCriteriaId\":\"69112C56-7747-4E11-A938-85A481529F58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"36FC547E-861A-418C-A314-DA09A457B13A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"DF9FEE51-50E3-41E9-AA0D-272A640F85CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"E69E905F-2E1A-4462-9082-FF7B10474496\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:rest_data_services:18c:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"0F9B692C-8986-4F91-9EF4-2BB1E3B5C133\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:rest_data_services:19c:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"C5F4C40E-3ABC-4C59-B226-224262DCFF37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:siebel_mobile:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"20.12\",\"matchCriteriaId\":\"2FF424F8-E15C-415D-A170-EC6450F35282\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:storagetek_acsls:8.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6953CFDB-33C0-4B8E-BBBD-E460A17E8ED3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7737E073-B46E-456E-807C-FBEA43872A33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D551CAB1-4312-44AA-BDA8-A030817E153A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"174A6D2E-E42E-4C92-A194-C6A820CD7EF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C93CC705-1F8C-4870-99E6-14BF264C3811\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F14A818F-AA16-4438-A3E4-E64C9287AC66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04BCDC24-4A21-473C-8733-0D9CFB38A752\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6770B6C3-732E-4E22-BF1C-2D2FD610061C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F9C8C20-42EB-4AB5-BD97-212DEB070C43\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FFF7106-ED78-49BA-9EC5-B889E3685D53\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E63D8B0F-006E-4801-BF9D-1C001BBFB4F9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56409CEC-5A1E-4450-AA42-641E459CC2AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B06F4839-D16A-4A61-9BB5-55B13F41E47F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"108A2215-50FB-4074-94CF-C130FA14566D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32F0B6C0-F930-480D-962B-3F4EFDCC13C7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"803BC414-B250-4E3A-A478-A3881340D6B8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FEB3337-BFDE-462A-908B-176F92053CEC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"736AEAE9-782B-4F71-9893-DED53367E102\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0B4AD8A-F172-4558-AEC6-FF424BA2D912\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8497A4C9-8474-4A62-8331-3FE862ED4098\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDDF61B7-EC5C-467C-B710-B89F502CD04F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:max_data:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD1FCB0D-3E19-4461-9330-4D7F02972A35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1BE6C1F-2565-4E97-92AA-16563E5660A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0\",\"versionEndIncluding\":\"3.1.3\",\"matchCriteriaId\":\"B9273745-6408-4CD3-94E8-9385D4F5FE69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F4754FB-E3EB-454A-AB1A-AE3835C5350C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:snapcenter_server:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E788440A-02B0-45F5-AFBC-7109F3177033\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tenable:log_correlation_engine:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.0.9\",\"matchCriteriaId\":\"4ACF85D6-6B45-43DA-9C01-F0208186F014\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Broken Link\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://blog.jquery.com/2020/04/10/jquery-3-5-0-released\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://jquery.com/upgrade-guide/3.5/\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3Cissues.flink.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb%40%3Cissues.hive.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6%40%3Cdev.felix.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec%40%3Cissues.hive.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c%40%3Cgitbox.hive.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330%40%3Cdev.felix.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef%40%3Cdev.felix.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3Cissues.flink.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5%40%3Cissues.hive.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16%40%3Cdev.felix.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3Cissues.flink.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494%40%3Cdev.felix.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3Cissues.flink.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1%40%3Cissues.hive.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49%40%3Cissues.hive.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3Cissues.flink.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3Cissues.flink.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c%40%3Ccommits.felix.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15%40%3Cissues.hive.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e%40%3Cdev.felix.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac%40%3Cgitbox.hive.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72%40%3Cgitbox.hive.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c%40%3Cgitbox.hive.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6%40%3Cissues.hive.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9%40%3Ccommits.hive.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea%40%3Cissues.hive.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61%40%3Cgitbox.hive.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7%40%3Cissues.hive.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3Cdev.flink.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9%40%3Cissues.hive.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679%40%3Ccommits.nifi.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3Cissues.flink.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3Cissues.flink.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3Cissues.flink.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817%40%3Cdev.felix.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93%40%3Cgitbox.hive.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248%40%3Cdev.hive.apache.org%3E\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://security.gentoo.org/glsa/202007-03\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20200511-0006/\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2020/dsa-4693\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.drupal.org/sa-core-2020-002\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com//security-alerts/cpujul2021.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuApr2021.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2021.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2020.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2020.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2021.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2021-02\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2021-10\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]}]}}" } }
rhsa-2020_4211
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat AMQ Interconnect 1.9.0 release packages are available for A-MQ Interconnect on RHEL 6, 7, and 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat AMQ Interconnect is a component of the AMQ 7 product family. AMQ Interconnect provides flexible routing of messages between AMQP-enabled endpoints, whether they are clients, servers, brokers, or any other entity that can send or receive standard AMQP messages.\n\nThis release of Red Hat AMQ Interconnect 1.9.0 serves as a replacement for Red Hat AMQ Interconnect 1.8.0 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* jQuery: allows XSS via the load method (CVE-2020-7656)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* jQuery: passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:4211", "url": "https://access.redhat.com/errata/RHSA-2020:4211" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.amq.interconnect\u0026downloadType=distributions\u0026version=1.9.0", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.amq.interconnect\u0026downloadType=distributions\u0026version=1.9.0" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_amq/", "url": "https://access.redhat.com/documentation/en-us/red_hat_amq/" }, { "category": "external", "summary": "1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "1850119", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850119" }, { "category": "external", "summary": "ENTMQIC-2448", "url": "https://issues.redhat.com/browse/ENTMQIC-2448" }, { "category": "external", "summary": "ENTMQIC-2455", "url": "https://issues.redhat.com/browse/ENTMQIC-2455" }, { "category": "external", "summary": "ENTMQIC-2460", "url": "https://issues.redhat.com/browse/ENTMQIC-2460" }, { "category": "external", "summary": "ENTMQIC-2481", "url": "https://issues.redhat.com/browse/ENTMQIC-2481" }, { "category": "external", "summary": "ENTMQIC-2485", "url": "https://issues.redhat.com/browse/ENTMQIC-2485" }, { "category": "external", "summary": "ENTMQIC-2492", "url": "https://issues.redhat.com/browse/ENTMQIC-2492" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4211.json" } ], "title": "Red Hat Security Advisory: Red Hat AMQ Interconnect 1.9.0 release and security update", "tracking": { "current_release_date": "2024-11-15T09:37:23+00:00", "generator": { "date": "2024-11-15T09:37:23+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:4211", "initial_release_date": "2020-10-08T07:01:31+00:00", "revision_history": [ { "date": "2020-10-08T07:01:31+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-10-08T07:01:31+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T09:37:23+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat AMQ Interconnect 1", "product": { "name": "Red Hat AMQ Interconnect 1", "product_id": "7ComputeNode-RH7-A-MQ-Interconnect-1", "product_identification_helper": { "cpe": "cpe:/a:redhat:amq_interconnect:1::el7" } } }, { "category": "product_name", "name": "Red Hat AMQ Interconnect 1", "product": { "name": "Red Hat AMQ Interconnect 1", "product_id": "7Server-RH7-A-MQ-Interconnect-1", "product_identification_helper": { "cpe": "cpe:/a:redhat:amq_interconnect:1::el7" } } }, { "category": "product_name", "name": "Red Hat AMQ Interconnect 1", "product": { "name": "Red Hat AMQ Interconnect 1", "product_id": "7Workstation-RH7-A-MQ-Interconnect-1", "product_identification_helper": { "cpe": "cpe:/a:redhat:amq_interconnect:1::el7" } } }, { "category": "product_name", "name": "Red Hat AMQ Interconnect 1", "product": { "name": "Red Hat AMQ Interconnect 1", "product_id": "6ComputeNode-RH6-A-MQ-Interconnect-1", "product_identification_helper": { "cpe": "cpe:/a:redhat:amq_interconnect:1::el6" } } }, { "category": "product_name", "name": "Red Hat AMQ Interconnect 1", "product": { "name": "Red Hat AMQ Interconnect 1", "product_id": "6Server-RH6-A-MQ-Interconnect-1", "product_identification_helper": { "cpe": "cpe:/a:redhat:amq_interconnect:1::el6" } } }, { "category": "product_name", "name": "Red Hat AMQ Interconnect 1", "product": { "name": "Red Hat AMQ Interconnect 1", "product_id": "6Workstation-RH6-A-MQ-Interconnect-1", "product_identification_helper": { "cpe": "cpe:/a:redhat:amq_interconnect:1::el6" } } }, { "category": "product_name", "name": "Red Hat AMQ Interconnect 1", "product": { "name": "Red Hat AMQ Interconnect 1", "product_id": "8Base-A-MQ-Interconnect-1", "product_identification_helper": { "cpe": "cpe:/a:redhat:amq_interconnect:1::el8" } } } ], "category": "product_family", "name": "Red Hat JBoss AMQ Interconnect" }, { "branches": [ { "category": "product_version", "name": "qpid-dispatch-0:1.13.0-3.el7.src", "product": { "name": "qpid-dispatch-0:1.13.0-3.el7.src", "product_id": "qpid-dispatch-0:1.13.0-3.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/qpid-dispatch@1.13.0-3.el7?arch=src" } } }, { "category": "product_version", "name": "qpid-dispatch-0:1.13.0-3.el6_10.src", "product": { "name": "qpid-dispatch-0:1.13.0-3.el6_10.src", "product_id": "qpid-dispatch-0:1.13.0-3.el6_10.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/qpid-dispatch@1.13.0-3.el6_10?arch=src" } } }, { "category": "product_version", "name": "qpid-dispatch-0:1.13.0-3.el8.src", "product": { "name": "qpid-dispatch-0:1.13.0-3.el8.src", "product_id": "qpid-dispatch-0:1.13.0-3.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/qpid-dispatch@1.13.0-3.el8?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "qpid-dispatch-console-0:1.13.0-3.el7.noarch", "product": { "name": "qpid-dispatch-console-0:1.13.0-3.el7.noarch", "product_id": "qpid-dispatch-console-0:1.13.0-3.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/qpid-dispatch-console@1.13.0-3.el7?arch=noarch" } } }, { "category": "product_version", "name": "qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "product": { "name": "qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "product_id": "qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/qpid-dispatch-docs@1.13.0-3.el7?arch=noarch" } } }, { "category": "product_version", "name": "qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "product": { "name": "qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "product_id": "qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/qpid-dispatch-tools@1.13.0-3.el7?arch=noarch" } } }, { "category": "product_version", "name": "qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "product": { "name": "qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "product_id": "qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/qpid-dispatch-console@1.13.0-3.el6_10?arch=noarch" } } }, { "category": "product_version", "name": "qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "product": { "name": "qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "product_id": "qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/qpid-dispatch-docs@1.13.0-3.el6_10?arch=noarch" } } }, { "category": "product_version", "name": "qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "product": { "name": "qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "product_id": "qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/qpid-dispatch-tools@1.13.0-3.el6_10?arch=noarch" } } }, { "category": "product_version", "name": "qpid-dispatch-console-0:1.13.0-3.el8.noarch", "product": { "name": "qpid-dispatch-console-0:1.13.0-3.el8.noarch", "product_id": "qpid-dispatch-console-0:1.13.0-3.el8.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/qpid-dispatch-console@1.13.0-3.el8?arch=noarch" } } }, { "category": "product_version", "name": "qpid-dispatch-docs-0:1.13.0-3.el8.noarch", "product": { "name": "qpid-dispatch-docs-0:1.13.0-3.el8.noarch", "product_id": "qpid-dispatch-docs-0:1.13.0-3.el8.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/qpid-dispatch-docs@1.13.0-3.el8?arch=noarch" } } }, { "category": "product_version", "name": "qpid-dispatch-tools-0:1.13.0-3.el8.noarch", "product": { "name": "qpid-dispatch-tools-0:1.13.0-3.el8.noarch", "product_id": "qpid-dispatch-tools-0:1.13.0-3.el8.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/qpid-dispatch-tools@1.13.0-3.el8?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "product": { "name": "qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "product_id": "qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/qpid-dispatch-router@1.13.0-3.el7?arch=x86_64" } } }, { "category": "product_version", "name": "qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "product": { "name": "qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "product_id": "qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/qpid-dispatch-debuginfo@1.13.0-3.el7?arch=x86_64" } } }, { "category": "product_version", "name": "qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "product": { "name": "qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "product_id": "qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/qpid-dispatch-router@1.13.0-3.el6_10?arch=x86_64" } } }, { "category": "product_version", "name": "qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "product": { "name": "qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "product_id": "qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/qpid-dispatch-debuginfo@1.13.0-3.el6_10?arch=x86_64" } } }, { "category": "product_version", "name": "qpid-dispatch-router-0:1.13.0-3.el8.x86_64", "product": { "name": "qpid-dispatch-router-0:1.13.0-3.el8.x86_64", "product_id": "qpid-dispatch-router-0:1.13.0-3.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/qpid-dispatch-router@1.13.0-3.el8?arch=x86_64" } } }, { "category": "product_version", "name": "qpid-dispatch-debugsource-0:1.13.0-3.el8.x86_64", "product": { "name": "qpid-dispatch-debugsource-0:1.13.0-3.el8.x86_64", "product_id": "qpid-dispatch-debugsource-0:1.13.0-3.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/qpid-dispatch-debugsource@1.13.0-3.el8?arch=x86_64" } } }, { "category": "product_version", "name": "qpid-dispatch-router-debuginfo-0:1.13.0-3.el8.x86_64", "product": { "name": "qpid-dispatch-router-debuginfo-0:1.13.0-3.el8.x86_64", "product_id": "qpid-dispatch-router-debuginfo-0:1.13.0-3.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/qpid-dispatch-router-debuginfo@1.13.0-3.el8?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "product": { "name": "qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "product_id": "qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/qpid-dispatch-router@1.13.0-3.el6_10?arch=i686" } } }, { "category": "product_version", "name": "qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "product": { "name": "qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "product_id": "qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/qpid-dispatch-debuginfo@1.13.0-3.el6_10?arch=i686" } } } ], "category": "architecture", "name": "i686" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-0:1.13.0-3.el6_10.src as a component of Red Hat AMQ Interconnect 1", "product_id": "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src" }, "product_reference": "qpid-dispatch-0:1.13.0-3.el6_10.src", "relates_to_product_reference": "6ComputeNode-RH6-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-console-0:1.13.0-3.el6_10.noarch as a component of Red Hat AMQ Interconnect 1", "product_id": "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch" }, "product_reference": "qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "relates_to_product_reference": "6ComputeNode-RH6-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686 as a component of Red Hat AMQ Interconnect 1", "product_id": "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686" }, "product_reference": "qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "relates_to_product_reference": "6ComputeNode-RH6-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64 as a component of Red Hat AMQ Interconnect 1", "product_id": "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64" }, "product_reference": "qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "relates_to_product_reference": "6ComputeNode-RH6-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch as a component of Red Hat AMQ Interconnect 1", "product_id": "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch" }, "product_reference": "qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "relates_to_product_reference": "6ComputeNode-RH6-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-router-0:1.13.0-3.el6_10.i686 as a component of Red Hat AMQ Interconnect 1", "product_id": "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686" }, "product_reference": "qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "relates_to_product_reference": "6ComputeNode-RH6-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64 as a component of Red Hat AMQ Interconnect 1", "product_id": "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64" }, "product_reference": "qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "relates_to_product_reference": "6ComputeNode-RH6-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch as a component of Red Hat AMQ Interconnect 1", "product_id": "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch" }, "product_reference": "qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "relates_to_product_reference": "6ComputeNode-RH6-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-0:1.13.0-3.el6_10.src as a component of Red Hat AMQ Interconnect 1", "product_id": "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src" }, "product_reference": "qpid-dispatch-0:1.13.0-3.el6_10.src", "relates_to_product_reference": "6Server-RH6-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-console-0:1.13.0-3.el6_10.noarch as a component of Red Hat AMQ Interconnect 1", "product_id": "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch" }, "product_reference": "qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "relates_to_product_reference": "6Server-RH6-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686 as a component of Red Hat AMQ Interconnect 1", "product_id": "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686" }, "product_reference": "qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "relates_to_product_reference": "6Server-RH6-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64 as a component of Red Hat AMQ Interconnect 1", "product_id": "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64" }, "product_reference": "qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "relates_to_product_reference": "6Server-RH6-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch as a component of Red Hat AMQ Interconnect 1", "product_id": "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch" }, "product_reference": "qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "relates_to_product_reference": "6Server-RH6-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-router-0:1.13.0-3.el6_10.i686 as a component of Red Hat AMQ Interconnect 1", "product_id": "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686" }, "product_reference": "qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "relates_to_product_reference": "6Server-RH6-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64 as a component of Red Hat AMQ Interconnect 1", "product_id": "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64" }, "product_reference": "qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "relates_to_product_reference": "6Server-RH6-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch as a component of Red Hat AMQ Interconnect 1", "product_id": "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch" }, "product_reference": "qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "relates_to_product_reference": "6Server-RH6-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-0:1.13.0-3.el6_10.src as a component of Red Hat AMQ Interconnect 1", "product_id": "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src" }, "product_reference": "qpid-dispatch-0:1.13.0-3.el6_10.src", "relates_to_product_reference": "6Workstation-RH6-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-console-0:1.13.0-3.el6_10.noarch as a component of Red Hat AMQ Interconnect 1", "product_id": "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch" }, "product_reference": "qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "relates_to_product_reference": "6Workstation-RH6-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686 as a component of Red Hat AMQ Interconnect 1", "product_id": "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686" }, "product_reference": "qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "relates_to_product_reference": "6Workstation-RH6-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64 as a component of Red Hat AMQ Interconnect 1", "product_id": "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64" }, "product_reference": "qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "relates_to_product_reference": "6Workstation-RH6-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch as a component of Red Hat AMQ Interconnect 1", "product_id": "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch" }, "product_reference": "qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "relates_to_product_reference": "6Workstation-RH6-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-router-0:1.13.0-3.el6_10.i686 as a component of Red Hat AMQ Interconnect 1", "product_id": "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686" }, "product_reference": "qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "relates_to_product_reference": "6Workstation-RH6-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64 as a component of Red Hat AMQ Interconnect 1", "product_id": "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64" }, "product_reference": "qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "relates_to_product_reference": "6Workstation-RH6-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch as a component of Red Hat AMQ Interconnect 1", "product_id": "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch" }, "product_reference": "qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "relates_to_product_reference": "6Workstation-RH6-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-0:1.13.0-3.el7.src as a component of Red Hat AMQ Interconnect 1", "product_id": "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src" }, "product_reference": "qpid-dispatch-0:1.13.0-3.el7.src", "relates_to_product_reference": "7ComputeNode-RH7-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-console-0:1.13.0-3.el7.noarch as a component of Red Hat AMQ Interconnect 1", "product_id": "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch" }, "product_reference": "qpid-dispatch-console-0:1.13.0-3.el7.noarch", "relates_to_product_reference": "7ComputeNode-RH7-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64 as a component of Red Hat AMQ Interconnect 1", "product_id": "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64" }, "product_reference": "qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "relates_to_product_reference": "7ComputeNode-RH7-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-docs-0:1.13.0-3.el7.noarch as a component of Red Hat AMQ Interconnect 1", "product_id": "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch" }, "product_reference": "qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "relates_to_product_reference": "7ComputeNode-RH7-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-router-0:1.13.0-3.el7.x86_64 as a component of Red Hat AMQ Interconnect 1", "product_id": "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64" }, "product_reference": "qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "relates_to_product_reference": "7ComputeNode-RH7-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-tools-0:1.13.0-3.el7.noarch as a component of Red Hat AMQ Interconnect 1", "product_id": "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch" }, "product_reference": "qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "relates_to_product_reference": "7ComputeNode-RH7-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-0:1.13.0-3.el7.src as a component of Red Hat AMQ Interconnect 1", "product_id": "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src" }, "product_reference": "qpid-dispatch-0:1.13.0-3.el7.src", "relates_to_product_reference": "7Server-RH7-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-console-0:1.13.0-3.el7.noarch as a component of Red Hat AMQ Interconnect 1", "product_id": "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch" }, "product_reference": "qpid-dispatch-console-0:1.13.0-3.el7.noarch", "relates_to_product_reference": "7Server-RH7-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64 as a component of Red Hat AMQ Interconnect 1", "product_id": "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64" }, "product_reference": "qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "relates_to_product_reference": "7Server-RH7-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-docs-0:1.13.0-3.el7.noarch as a component of Red Hat AMQ Interconnect 1", "product_id": "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch" }, "product_reference": "qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "relates_to_product_reference": "7Server-RH7-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-router-0:1.13.0-3.el7.x86_64 as a component of Red Hat AMQ Interconnect 1", "product_id": "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64" }, "product_reference": "qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "relates_to_product_reference": "7Server-RH7-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-tools-0:1.13.0-3.el7.noarch as a component of Red Hat AMQ Interconnect 1", "product_id": "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch" }, "product_reference": "qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "relates_to_product_reference": "7Server-RH7-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-0:1.13.0-3.el7.src as a component of Red Hat AMQ Interconnect 1", "product_id": "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src" }, "product_reference": "qpid-dispatch-0:1.13.0-3.el7.src", "relates_to_product_reference": "7Workstation-RH7-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-console-0:1.13.0-3.el7.noarch as a component of Red Hat AMQ Interconnect 1", "product_id": "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch" }, "product_reference": "qpid-dispatch-console-0:1.13.0-3.el7.noarch", "relates_to_product_reference": "7Workstation-RH7-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64 as a component of Red Hat AMQ Interconnect 1", "product_id": "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64" }, "product_reference": "qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "relates_to_product_reference": "7Workstation-RH7-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-docs-0:1.13.0-3.el7.noarch as a component of Red Hat AMQ Interconnect 1", "product_id": "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch" }, "product_reference": "qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "relates_to_product_reference": "7Workstation-RH7-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-router-0:1.13.0-3.el7.x86_64 as a component of Red Hat AMQ Interconnect 1", "product_id": "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64" }, "product_reference": "qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "relates_to_product_reference": "7Workstation-RH7-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-tools-0:1.13.0-3.el7.noarch as a component of Red Hat AMQ Interconnect 1", "product_id": "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch" }, "product_reference": "qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "relates_to_product_reference": "7Workstation-RH7-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-0:1.13.0-3.el8.src as a component of Red Hat AMQ Interconnect 1", "product_id": "8Base-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el8.src" }, "product_reference": "qpid-dispatch-0:1.13.0-3.el8.src", "relates_to_product_reference": "8Base-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-console-0:1.13.0-3.el8.noarch as a component of Red Hat AMQ Interconnect 1", "product_id": "8Base-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el8.noarch" }, "product_reference": "qpid-dispatch-console-0:1.13.0-3.el8.noarch", "relates_to_product_reference": "8Base-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-debugsource-0:1.13.0-3.el8.x86_64 as a component of Red Hat AMQ Interconnect 1", "product_id": "8Base-A-MQ-Interconnect-1:qpid-dispatch-debugsource-0:1.13.0-3.el8.x86_64" }, "product_reference": "qpid-dispatch-debugsource-0:1.13.0-3.el8.x86_64", "relates_to_product_reference": "8Base-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-docs-0:1.13.0-3.el8.noarch as a component of Red Hat AMQ Interconnect 1", "product_id": "8Base-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el8.noarch" }, "product_reference": "qpid-dispatch-docs-0:1.13.0-3.el8.noarch", "relates_to_product_reference": "8Base-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-router-0:1.13.0-3.el8.x86_64 as a component of Red Hat AMQ Interconnect 1", "product_id": "8Base-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el8.x86_64" }, "product_reference": "qpid-dispatch-router-0:1.13.0-3.el8.x86_64", "relates_to_product_reference": "8Base-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-router-debuginfo-0:1.13.0-3.el8.x86_64 as a component of Red Hat AMQ Interconnect 1", "product_id": "8Base-A-MQ-Interconnect-1:qpid-dispatch-router-debuginfo-0:1.13.0-3.el8.x86_64" }, "product_reference": "qpid-dispatch-router-debuginfo-0:1.13.0-3.el8.x86_64", "relates_to_product_reference": "8Base-A-MQ-Interconnect-1" }, { "category": "default_component_of", "full_product_name": { "name": "qpid-dispatch-tools-0:1.13.0-3.el8.noarch as a component of Red Hat AMQ Interconnect 1", "product_id": "8Base-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el8.noarch" }, "product_reference": "qpid-dispatch-tools-0:1.13.0-3.el8.noarch", "relates_to_product_reference": "8Base-A-MQ-Interconnect-1" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-7656", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1850119" } ], "notes": [ { "category": "description", "text": "A flaw was found in jquery in versions prior to 1.9.0. A cross-site scripting attack is possible as the load method fails to recognize and remove \"\u003cscript\u003e\" HTML tags that contain a whitespace character which results in the enclosed script logic to be executed. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Cross-site scripting (XSS) via \u003cscript\u003e HTML tags containing whitespaces", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux version 6, 7 and 8 ship a vulnerable version of JQuery in the `pcs` component. However the vulnerable has not been found to be exploitable in reasonable scenarios. A future update may update JQuery to a fixed version.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "8Base-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el8.src", "8Base-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el8.noarch", "8Base-A-MQ-Interconnect-1:qpid-dispatch-debugsource-0:1.13.0-3.el8.x86_64", "8Base-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el8.noarch", "8Base-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el8.x86_64", "8Base-A-MQ-Interconnect-1:qpid-dispatch-router-debuginfo-0:1.13.0-3.el8.x86_64", "8Base-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el8.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-7656" }, { "category": "external", "summary": "RHBZ#1850119", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850119" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-7656", "url": "https://www.cve.org/CVERecord?id=CVE-2020-7656" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7656", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7656" } ], "release_date": "2020-05-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-08T07:01:31+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "8Base-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el8.src", "8Base-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el8.noarch", "8Base-A-MQ-Interconnect-1:qpid-dispatch-debugsource-0:1.13.0-3.el8.x86_64", "8Base-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el8.noarch", "8Base-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el8.x86_64", "8Base-A-MQ-Interconnect-1:qpid-dispatch-router-debuginfo-0:1.13.0-3.el8.x86_64", "8Base-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el8.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4211" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "8Base-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el8.src", "8Base-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el8.noarch", "8Base-A-MQ-Interconnect-1:qpid-dispatch-debugsource-0:1.13.0-3.el8.x86_64", "8Base-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el8.noarch", "8Base-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el8.x86_64", "8Base-A-MQ-Interconnect-1:qpid-dispatch-router-debuginfo-0:1.13.0-3.el8.x86_64", "8Base-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el8.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Cross-site scripting (XSS) via \u003cscript\u003e HTML tags containing whitespaces" }, { "cve": "CVE-2020-11022", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-04-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1828406" } ], "notes": [ { "category": "description", "text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method", "title": "Vulnerability summary" }, { "category": "other", "text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "8Base-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el8.src", "8Base-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el8.noarch", "8Base-A-MQ-Interconnect-1:qpid-dispatch-debugsource-0:1.13.0-3.el8.x86_64", "8Base-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el8.noarch", "8Base-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el8.x86_64", "8Base-A-MQ-Interconnect-1:qpid-dispatch-router-debuginfo-0:1.13.0-3.el8.x86_64", "8Base-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el8.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11022" }, { "category": "external", "summary": "RHBZ#1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11022" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2", "url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2" } ], "release_date": "2020-04-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-08T07:01:31+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "8Base-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el8.src", "8Base-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el8.noarch", "8Base-A-MQ-Interconnect-1:qpid-dispatch-debugsource-0:1.13.0-3.el8.x86_64", "8Base-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el8.noarch", "8Base-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el8.x86_64", "8Base-A-MQ-Interconnect-1:qpid-dispatch-router-debuginfo-0:1.13.0-3.el8.x86_64", "8Base-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el8.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4211" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "8Base-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el8.src", "8Base-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el8.noarch", "8Base-A-MQ-Interconnect-1:qpid-dispatch-debugsource-0:1.13.0-3.el8.x86_64", "8Base-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el8.noarch", "8Base-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el8.x86_64", "8Base-A-MQ-Interconnect-1:qpid-dispatch-router-debuginfo-0:1.13.0-3.el8.x86_64", "8Base-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el8.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method" }, { "cve": "CVE-2020-11023", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1850004" } ], "notes": [ { "category": "description", "text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "8Base-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el8.src", "8Base-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el8.noarch", "8Base-A-MQ-Interconnect-1:qpid-dispatch-debugsource-0:1.13.0-3.el8.x86_64", "8Base-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el8.noarch", "8Base-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el8.x86_64", "8Base-A-MQ-Interconnect-1:qpid-dispatch-router-debuginfo-0:1.13.0-3.el8.x86_64", "8Base-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el8.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11023" }, { "category": "external", "summary": "RHBZ#1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023" }, { "category": "external", "summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/" } ], "release_date": "2020-04-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-08T07:01:31+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "8Base-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el8.src", "8Base-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el8.noarch", "8Base-A-MQ-Interconnect-1:qpid-dispatch-debugsource-0:1.13.0-3.el8.x86_64", "8Base-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el8.noarch", "8Base-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el8.x86_64", "8Base-A-MQ-Interconnect-1:qpid-dispatch-router-debuginfo-0:1.13.0-3.el8.x86_64", "8Base-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el8.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4211" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "6ComputeNode-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "6Server-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el6_10.src", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el6_10.noarch", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.i686", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el6_10.x86_64", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el6_10.noarch", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.i686", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el6_10.x86_64", "6Workstation-RH6-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el6_10.noarch", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "7ComputeNode-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "7Server-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el7.src", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el7.noarch", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-debuginfo-0:1.13.0-3.el7.x86_64", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el7.noarch", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el7.x86_64", "7Workstation-RH7-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el7.noarch", "8Base-A-MQ-Interconnect-1:qpid-dispatch-0:1.13.0-3.el8.src", "8Base-A-MQ-Interconnect-1:qpid-dispatch-console-0:1.13.0-3.el8.noarch", "8Base-A-MQ-Interconnect-1:qpid-dispatch-debugsource-0:1.13.0-3.el8.x86_64", "8Base-A-MQ-Interconnect-1:qpid-dispatch-docs-0:1.13.0-3.el8.noarch", "8Base-A-MQ-Interconnect-1:qpid-dispatch-router-0:1.13.0-3.el8.x86_64", "8Base-A-MQ-Interconnect-1:qpid-dispatch-router-debuginfo-0:1.13.0-3.el8.x86_64", "8Base-A-MQ-Interconnect-1:qpid-dispatch-tools-0:1.13.0-3.el8.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods" } ] }
rhsa-2023_1045
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "New Red Hat Single Sign-On 7.6.2 packages are now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.6.2 on RHEL 9 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)\n* Moment.js: Path traversal in moment.locale (CVE-2022-24785)\n* keycloak: missing email notification template allowlist (CVE-2022-1274)\n* keycloak: minimist: prototype pollution (CVE-2021-44906)\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n* undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations (CVE-2022-2764)\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n* loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)\n* keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)\n* keycloak: path traversal via double URL encoding (CVE-2022-3782)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)\n* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)\n* keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)\n* keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)\n* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)\n* keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)\n* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)\n* rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n* jquery: Passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)\n* keycloak: reflected XSS attack (CVE-2022-4137)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:1045", "url": "https://access.redhat.com/errata/RHSA-2023:1045" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1601614", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614" }, { "category": "external", "summary": "1601617", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617" }, { "category": "external", "summary": "1701972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" }, { "category": "external", "summary": "1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "2031904", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904" }, { "category": "external", "summary": "2066009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009" }, { "category": "external", "summary": "2072009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009" }, { "category": "external", "summary": "2073157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157" }, { "category": "external", "summary": "2105075", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075" }, { "category": "external", "summary": "2117506", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506" }, { "category": "external", "summary": "2126789", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789" }, { "category": "external", "summary": "2129706", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706" }, { "category": "external", "summary": "2129707", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707" }, { "category": "external", "summary": "2129709", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709" }, { "category": "external", "summary": "2135244", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244" }, { "category": "external", "summary": "2135247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247" }, { "category": "external", "summary": "2135770", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770" }, { "category": "external", "summary": "2135771", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771" }, { "category": "external", "summary": "2138971", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138971" }, { "category": "external", "summary": "2140597", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597" }, { "category": "external", "summary": "2141404", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404" }, { "category": "external", "summary": "2145194", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194" }, { "category": "external", "summary": "2148496", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496" }, { "category": "external", "summary": "2150009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009" }, { "category": "external", "summary": "2155681", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681" }, { "category": "external", "summary": "2155682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682" }, { "category": "external", "summary": "2155970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970" }, { "category": "external", "summary": "2156263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263" }, { "category": "external", "summary": "2156324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324" }, { "category": "external", "summary": "2158585", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585" }, { "category": "external", "summary": "2160585", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1045.json" } ], "title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 9", "tracking": { "current_release_date": "2024-11-21T21:15:06+00:00", "generator": { "date": "2024-11-21T21:15:06+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2023:1045", "initial_release_date": "2023-03-01T21:45:17+00:00", "revision_history": [ { "date": "2023-03-01T21:45:17+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-03-01T21:45:17+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-21T21:15:06+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Single Sign-On 7.6 for RHEL 9", "product": { "name": "Red Hat Single Sign-On 7.6 for RHEL 9", "product_id": "9Base-RHSSO-7.6", "product_identification_helper": { "cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6::el9" } } } ], "category": "product_family", "name": "Red Hat Single Sign-On" }, { "branches": [ { "category": "product_version", "name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "product": { "name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "product_id": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1.el9sso?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "product": { "name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "product_id": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1.el9sso?arch=noarch" } } }, { "category": "product_version", "name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "product": { "name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "product_id": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-sso7-keycloak-server@18.0.6-1.redhat_00001.1.el9sso?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch as a component of Red Hat Single Sign-On 7.6 for RHEL 9", "product_id": "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch" }, "product_reference": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "relates_to_product_reference": "9Base-RHSSO-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src as a component of Red Hat Single Sign-On 7.6 for RHEL 9", "product_id": "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src" }, "product_reference": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "relates_to_product_reference": "9Base-RHSSO-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch as a component of Red Hat Single Sign-On 7.6 for RHEL 9", "product_id": "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" }, "product_reference": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "relates_to_product_reference": "9Base-RHSSO-7.6" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-14040", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2018-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1601614" } ], "notes": [ { "category": "description", "text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-14040" }, { "category": "external", "summary": "RHBZ#1601614", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14040" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040" } ], "release_date": "2018-05-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute" }, { "cve": "CVE-2018-14042", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2018-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1601617" } ], "notes": [ { "category": "description", "text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-14042" }, { "category": "external", "summary": "RHBZ#1601617", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14042" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042" } ], "release_date": "2018-05-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip" }, { "cve": "CVE-2019-11358", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-03-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1701972" } ], "notes": [ { "category": "description", "text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-11358" }, { "category": "external", "summary": "RHBZ#1701972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11358" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358" }, { "category": "external", "summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", "url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/" }, { "category": "external", "summary": "https://www.drupal.org/sa-core-2019-006", "url": "https://www.drupal.org/sa-core-2019-006" } ], "release_date": "2019-03-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection" }, { "cve": "CVE-2020-11022", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-04-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1828406" } ], "notes": [ { "category": "description", "text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method", "title": "Vulnerability summary" }, { "category": "other", "text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11022" }, { "category": "external", "summary": "RHBZ#1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11022" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2", "url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2" } ], "release_date": "2020-04-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method" }, { "cve": "CVE-2020-11023", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1850004" } ], "notes": [ { "category": "description", "text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11023" }, { "category": "external", "summary": "RHBZ#1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023" }, { "category": "external", "summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/" } ], "release_date": "2020-04-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods" }, { "cve": "CVE-2021-35065", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-12-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2156324" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "glob-parent: Regular Expression Denial of Service", "title": "Vulnerability summary" }, { "category": "other", "text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-35065" }, { "category": "external", "summary": "RHBZ#2156324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065", "url": "https://www.cve.org/CVERecord?id=CVE-2021-35065" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065" }, { "category": "external", "summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294", "url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294" } ], "release_date": "2022-12-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "glob-parent: Regular Expression Denial of Service" }, { "cve": "CVE-2021-44906", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-03-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2066009" } ], "notes": [ { "category": "description", "text": "An Uncontrolled Resource Consumption flaw was found in minimist. This flaw allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "minimist: prototype pollution", "title": "Vulnerability summary" }, { "category": "other", "text": "The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. While this flaw (CVE-2021-44906) enables attackers to control objects that they should not have access to, actual exploitation would still require a chain of independent flaws. Even though the CVSS for CVE-2021-44906 is higher than CVE-2020-7598, they are both rated as having Moderate impact.\n\nWithin Red Hat Satellite 6 this flaw has been rated as having a security impact of Low. It is not currently planned to be addressed there, as the minimist library is only included in the -doc subpackage and is part of test fixtures that are not in the execution path used by the rabl gem.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44906" }, { "category": "external", "summary": "RHBZ#2066009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44906", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44906" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-xvch-5gv4-984h", "url": "https://github.com/advisories/GHSA-xvch-5gv4-984h" } ], "release_date": "2022-03-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "minimist: prototype pollution" }, { "acknowledgments": [ { "names": [ "Marcus Nilsson" ], "organization": "usd AG" } ], "cve": "CVE-2022-1274", "cwe": { "id": "CWE-80", "name": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)" }, "discovery_date": "2022-04-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2073157" } ], "notes": [ { "category": "description", "text": "A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: HTML injection in execute-actions-email Admin REST API", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-1274" }, { "category": "external", "summary": "RHBZ#2073157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1274", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1274" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274" }, { "category": "external", "summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725", "url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725" } ], "release_date": "2023-02-28T18:57:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N", "version": "3.1" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "keycloak: HTML injection in execute-actions-email Admin REST API" }, { "acknowledgments": [ { "names": [ "Grzegorz Tworek" ], "organization": "SISOFT s.c." } ], "cve": "CVE-2022-1438", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2021-12-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2031904" } ], "notes": [ { "category": "description", "text": "A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: XSS on impersonation under specific circumstances", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-1438" }, { "category": "external", "summary": "RHBZ#2031904", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1438", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1438" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438" } ], "release_date": "2023-02-28T18:56:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "keycloak: XSS on impersonation under specific circumstances" }, { "cve": "CVE-2022-1471", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-12-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2150009" } ], "notes": [ { "category": "description", "text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).", "title": "Vulnerability description" }, { "category": "summary", "text": "SnakeYaml: Constructor Deserialization Remote Code Execution", "title": "Vulnerability summary" }, { "category": "other", "text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-1471" }, { "category": "external", "summary": "RHBZ#2150009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1471" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471" }, { "category": "external", "summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2", "url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2" } ], "release_date": "2022-10-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "SnakeYaml: Constructor Deserialization Remote Code Execution" }, { "cve": "CVE-2022-2764", "discovery_date": "2022-08-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2117506" } ], "notes": [ { "category": "description", "text": "A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LAST_CHUNK from the bytes, causing a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-2764" }, { "category": "external", "summary": "RHBZ#2117506", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-2764", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2764" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764" } ], "release_date": "2022-08-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations" }, { "acknowledgments": [ { "names": [ "Peter Flintholm" ], "organization": "Trifork" } ], "cve": "CVE-2022-3916", "cwe": { "id": "CWE-384", "name": "Session Fixation" }, "discovery_date": "2022-11-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2141404" } ], "notes": [ { "category": "description", "text": "A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: Session takeover with OIDC offline refreshtokens", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-3916" }, { "category": "external", "summary": "RHBZ#2141404", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3916", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3916" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916" } ], "release_date": "2022-11-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "keycloak: Session takeover with OIDC offline refreshtokens" }, { "cve": "CVE-2022-4137", "cwe": { "id": "CWE-81", "name": "Improper Neutralization of Script in an Error Message Web Page" }, "discovery_date": "2022-11-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2148496" } ], "notes": [ { "category": "description", "text": "A reflected cross-site scripting (XSS) vulnerability was found in the \u0027oob\u0027 OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be vulnerable. This may compromise user details, allowing it to be changed or collected by an attacker.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: reflected XSS attack", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-4137" }, { "category": "external", "summary": "RHBZ#2148496", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-4137", "url": "https://www.cve.org/CVERecord?id=CVE-2022-4137" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137" } ], "release_date": "2023-03-01T13:56:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "keycloak: reflected XSS attack" }, { "cve": "CVE-2022-24785", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2022-04-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2072009" } ], "notes": [ { "category": "description", "text": "A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "Moment.js: Path traversal in moment.locale", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-24785" }, { "category": "external", "summary": "RHBZ#2072009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24785", "url": "https://www.cve.org/CVERecord?id=CVE-2022-24785" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785" }, { "category": "external", "summary": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4", "url": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4" } ], "release_date": "2022-04-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" }, { "category": "workaround", "details": "Sanitize the user-provided locale name before passing it to Moment.js.", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Moment.js: Path traversal in moment.locale" }, { "cve": "CVE-2022-25857", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-09-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2126789" } ], "notes": [ { "category": "description", "text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.", "title": "Vulnerability description" }, { "category": "summary", "text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections", "title": "Vulnerability summary" }, { "category": "other", "text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-25857" }, { "category": "external", "summary": "RHBZ#2126789", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857", "url": "https://www.cve.org/CVERecord?id=CVE-2022-25857" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857" }, { "category": "external", "summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525", "url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525" } ], "release_date": "2022-08-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections" }, { "cve": "CVE-2022-31129", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-07-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2105075" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "moment: inefficient parsing algorithm resulting in DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Fuse provides the affected software but does not use the functionality and as such its impact has been downgraded to Low.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships a vulnerable version of the moment library. However, this affected functionality is restricted behind OAuth, reducing the impact to Moderate.\n\nRed Hat Satellite ships a vulnerable version of the moment library. However, this only affects a specific component (qpid-dispatch), reducing the impact to Moderate.\n\nRed Hat Ceph Storage (RHCS) ships a vulnerable version of the moment library, however, it is not directly used and is a transitive dependency from Angular. In addition, the impact would only be to the grafana browser, and not the underlying RHCS system, which reduces the impact to Moderate. \n\nRed Hat OpenShift Service Mesh (OSSM) ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nRed Hat OpenShift distributed tracing ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nIn Logging Subsystem for Red Hat OpenShift the vulnerable moment nodejs package is bundled in the ose-logging-kibana6 container as a transitive dependency, hence the direct impact is reduced to Moderate.\n\nIn OpenShift Container Platform 4 the vulnerabile moment package is a third party dependency, hence the direct impact is reduced to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-31129" }, { "category": "external", "summary": "RHBZ#2105075", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-31129", "url": "https://www.cve.org/CVERecord?id=CVE-2022-31129" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129" }, { "category": "external", "summary": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g", "url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g" } ], "release_date": "2022-07-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "moment: inefficient parsing algorithm resulting in DoS" }, { "cve": "CVE-2022-37603", "cwe": { "id": "CWE-185", "name": "Incorrect Regular Expression" }, "discovery_date": "2022-11-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2140597" } ], "notes": [ { "category": "description", "text": "A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.", "title": "Vulnerability description" }, { "category": "summary", "text": "loader-utils: Regular expression denial of service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-37603" }, { "category": "external", "summary": "RHBZ#2140597", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-37603", "url": "https://www.cve.org/CVERecord?id=CVE-2022-37603" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603" } ], "release_date": "2022-10-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "loader-utils: Regular expression denial of service" }, { "cve": "CVE-2022-38749", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-09-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2129706" } ], "notes": [ { "category": "description", "text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-38749" }, { "category": "external", "summary": "RHBZ#2129706", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749", "url": "https://www.cve.org/CVERecord?id=CVE-2022-38749" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749" } ], "release_date": "2022-09-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode" }, { "cve": "CVE-2022-38750", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-09-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2129707" } ], "notes": [ { "category": "description", "text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-38750" }, { "category": "external", "summary": "RHBZ#2129707", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-38750", "url": "https://www.cve.org/CVERecord?id=CVE-2022-38750" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750" } ], "release_date": "2022-09-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject" }, { "cve": "CVE-2022-38751", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-09-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2129709" } ], "notes": [ { "category": "description", "text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-38751" }, { "category": "external", "summary": "RHBZ#2129709", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-38751", "url": "https://www.cve.org/CVERecord?id=CVE-2022-38751" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751" } ], "release_date": "2022-09-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match" }, { "cve": "CVE-2022-40149", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-10-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135771" } ], "notes": [ { "category": "description", "text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "jettison: parser crash by stackoverflow", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-40149" }, { "category": "external", "summary": "RHBZ#2135771", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149", "url": "https://www.cve.org/CVERecord?id=CVE-2022-40149" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149" }, { "category": "external", "summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1", "url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1" } ], "release_date": "2022-09-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jettison: parser crash by stackoverflow" }, { "cve": "CVE-2022-40150", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-10-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135770" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "jettison: memory exhaustion via user-supplied XML or JSON data", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-40150" }, { "category": "external", "summary": "RHBZ#2135770", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150", "url": "https://www.cve.org/CVERecord?id=CVE-2022-40150" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150" }, { "category": "external", "summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1", "url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1" } ], "release_date": "2022-09-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jettison: memory exhaustion via user-supplied XML or JSON data" }, { "cve": "CVE-2022-42003", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-10-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135244" } ], "notes": [ { "category": "description", "text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-42003" }, { "category": "external", "summary": "RHBZ#2135244", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42003" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003" } ], "release_date": "2022-10-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS" }, { "cve": "CVE-2022-42004", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-10-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135247" } ], "notes": [ { "category": "description", "text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: use of deeply nested arrays", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-42004" }, { "category": "external", "summary": "RHBZ#2135247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42004" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004" } ], "release_date": "2022-10-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: use of deeply nested arrays" }, { "cve": "CVE-2022-45047", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-11-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2145194" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.", "title": "Vulnerability description" }, { "category": "summary", "text": "mina-sshd: Java unsafe deserialization vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-45047" }, { "category": "external", "summary": "RHBZ#2145194", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047", "url": "https://www.cve.org/CVERecord?id=CVE-2022-45047" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047" }, { "category": "external", "summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html", "url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html" } ], "release_date": "2022-11-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" }, { "category": "workaround", "details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "mina-sshd: Java unsafe deserialization vulnerability" }, { "cve": "CVE-2022-45693", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-12-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2155970" } ], "notes": [ { "category": "description", "text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-45693" }, { "category": "external", "summary": "RHBZ#2155970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693", "url": "https://www.cve.org/CVERecord?id=CVE-2022-45693" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693" } ], "release_date": "2022-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos" }, { "cve": "CVE-2022-46175", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-12-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2156263" } ], "notes": [ { "category": "description", "text": "A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.", "title": "Vulnerability description" }, { "category": "summary", "text": "json5: Prototype Pollution in JSON5 via Parse Method", "title": "Vulnerability summary" }, { "category": "other", "text": "The json5 package is a build-time dependency in Red Hat products and is not used in production runtime. Hence, the impact is set to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-46175" }, { "category": "external", "summary": "RHBZ#2156263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-46175", "url": "https://www.cve.org/CVERecord?id=CVE-2022-46175" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175" }, { "category": "external", "summary": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h", "url": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h" } ], "release_date": "2022-12-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "json5: Prototype Pollution in JSON5 via Parse Method" }, { "cve": "CVE-2022-46363", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2022-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2155681" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.", "title": "Vulnerability description" }, { "category": "summary", "text": "CXF: directory listing / code exfiltration", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-46363" }, { "category": "external", "summary": "RHBZ#2155681", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-46363", "url": "https://www.cve.org/CVERecord?id=CVE-2022-46363" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363" }, { "category": "external", "summary": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c", "url": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c" } ], "release_date": "2022-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "CXF: directory listing / code exfiltration" }, { "cve": "CVE-2022-46364", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "discovery_date": "2022-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2155682" } ], "notes": [ { "category": "description", "text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.", "title": "Vulnerability description" }, { "category": "summary", "text": "CXF: SSRF Vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-46364" }, { "category": "external", "summary": "RHBZ#2155682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364", "url": "https://www.cve.org/CVERecord?id=CVE-2022-46364" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364" }, { "category": "external", "summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2", "url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2" } ], "release_date": "2022-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "CXF: SSRF Vulnerability" }, { "acknowledgments": [ { "names": [ "Sourav Kumar" ], "organization": "https://github.com/souravs17031999", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-0091", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2022-10-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2158585" } ], "notes": [ { "category": "description", "text": "A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: Client Registration endpoint does not check token revocation", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0091" }, { "category": "external", "summary": "RHBZ#2158585", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0091", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0091" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091" }, { "category": "external", "summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg", "url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg" }, { "category": "external", "summary": "https://github.com/keycloak/security/issues/27", "url": "https://github.com/keycloak/security/issues/27" } ], "release_date": "2022-10-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.8, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "keycloak: Client Registration endpoint does not check token revocation" }, { "acknowledgments": [ { "names": [ "Jordi Zayuelas i Mu\u00f1oz" ], "organization": "A1 Digital", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-0264", "cwe": { "id": "CWE-303", "name": "Incorrect Implementation of Authentication Algorithm" }, "discovery_date": "2023-01-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2160585" } ], "notes": [ { "category": "description", "text": "A flaw was found in Keycloak\u0027s OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, Integrity, and availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: user impersonation via stolen uuid code", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0264" }, { "category": "external", "summary": "RHBZ#2160585", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0264", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0264" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264" } ], "release_date": "2023-02-28T18:58:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch", "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src", "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "keycloak: user impersonation via stolen uuid code" } ] }
rhsa-2020_2813
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "A security update is now available for Red Hat Single Sign-On 7.4 from the Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.4.1 serves as a replacement for Red Hat Single Sign-On 7.4.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* keycloak: verify-token-audience support is missing in the NodeJS adapter (CVE-2020-1694)\n\n* keycloak: Lack of checks in ObjectInputStream leading to Remote Code Execution (CVE-2020-1714)\n\n* js-jquery: jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* js-jquery: jQuery: passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\n* undertow: invalid HTTP request with large chunk size (CVE-2020-10719)\n\n* keycloak: top-level navigations to data URLs resulting in XSS are possible (incomplete fix of CVE-2020-1697) (CVE-2020-10748)\n\n* jackson-databind: Lacks certain xbean-reflect/JNDI blocking (CVE-2020-8840)\n\n* jackson-databind: Serialization gadgets in shaded-hikari-config (CVE-2020-9546)\n\n* jackson-databind: Serialization gadgets in ibatis-sqlmap (CVE-2020-9547)\n\n* jackson-databind: Serialization gadgets in anteros-core (CVE-2020-9548)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:2813", "url": "https://access.redhat.com/errata/RHSA-2020:2813" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=core.service.rhsso\u0026version=7.4", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=core.service.rhsso\u0026version=7.4" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.4/", "url": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.4/" }, { "category": "external", "summary": "1705975", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1705975" }, { "category": "external", "summary": "1790759", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1790759" }, { "category": "external", "summary": "1816330", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816330" }, { "category": "external", "summary": "1816332", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816332" }, { "category": "external", "summary": "1816337", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816337" }, { "category": "external", "summary": "1816340", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816340" }, { "category": "external", "summary": "1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "1828459", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828459" }, { "category": "external", "summary": "1836786", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1836786" }, { "category": "external", "summary": "1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2813.json" } ], "title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.4.1 security update", "tracking": { "current_release_date": "2024-11-21T20:07:41+00:00", "generator": { "date": "2024-11-21T20:07:41+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:2813", "initial_release_date": "2020-07-02T13:21:10+00:00", "revision_history": [ { "date": "2020-07-02T13:21:10+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-07-02T13:21:10+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-21T20:07:41+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Single Sign-On 7.4.1", "product": { "name": "Red Hat Single Sign-On 7.4.1", "product_id": "Red Hat Single Sign-On 7.4.1", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_single_sign_on:7.4" } } } ], "category": "product_family", "name": "Red Hat Single Sign-On" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-1694", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "discovery_date": "2019-12-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1790759" } ], "notes": [ { "category": "description", "text": "A flaw was found in Keycloak, where the NodeJS adapter did not support the verify-token-audience. This flaw results in some users having access to sensitive information outside of their permissions.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: verify-token-audience support is missing in the NodeJS adapter", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.4.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-1694" }, { "category": "external", "summary": "RHBZ#1790759", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1790759" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-1694", "url": "https://www.cve.org/CVERecord?id=CVE-2020-1694" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1694", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1694" } ], "release_date": "2020-07-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-07-02T13:21:10+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.4.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2813" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "Red Hat Single Sign-On 7.4.1" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "keycloak: verify-token-audience support is missing in the NodeJS adapter" }, { "acknowledgments": [ { "names": [ "Thomas Darimont" ] } ], "cve": "CVE-2020-1714", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2019-04-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1705975" } ], "notes": [ { "category": "description", "text": "A flaw was found in Keycloak, where the code base contains usages of ObjectInputStream without type checks. This flaw allows an attacker to inject arbitrarily serialized Java Objects, which would then get deserialized in a privileged context and potentially lead to remote code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: Lack of checks in ObjectInputStream leading to Remote Code Execution", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.4.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-1714" }, { "category": "external", "summary": "RHBZ#1705975", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1705975" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-1714", "url": "https://www.cve.org/CVERecord?id=CVE-2020-1714" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1714", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1714" } ], "release_date": "2020-05-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-07-02T13:21:10+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.4.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2813" }, { "category": "workaround", "details": "There is currently no known mitigation for this issue.", "product_ids": [ "Red Hat Single Sign-On 7.4.1" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat Single Sign-On 7.4.1" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "keycloak: Lack of checks in ObjectInputStream leading to Remote Code Execution" }, { "cve": "CVE-2020-8840", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2020-03-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1816330" } ], "notes": [ { "category": "description", "text": "A flaw was found in FasterXML jackson-databind in versions 2.0.0 through 2.9.10.2. A \"gadget\" exploit is possible due to a lack of a Java object being blocking from being deserialized. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Lacks certain xbean-reflect/JNDI blocking", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.4.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-8840" }, { "category": "external", "summary": "RHBZ#1816330", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816330" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-8840", "url": "https://www.cve.org/CVERecord?id=CVE-2020-8840" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8840", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8840" } ], "release_date": "2020-03-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-07-02T13:21:10+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.4.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2813" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7.4.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Lacks certain xbean-reflect/JNDI blocking" }, { "cve": "CVE-2020-9546", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2020-03-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1816332" } ], "notes": [ { "category": "description", "text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in shaded-hikari-config", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.4.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-9546" }, { "category": "external", "summary": "RHBZ#1816332", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816332" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-9546", "url": "https://www.cve.org/CVERecord?id=CVE-2020-9546" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9546", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9546" } ], "release_date": "2020-03-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-07-02T13:21:10+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.4.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2813" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7.4.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in shaded-hikari-config" }, { "cve": "CVE-2020-9547", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2020-03-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1816337" } ], "notes": [ { "category": "description", "text": "A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in ibatis-sqlmap", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.4.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-9547" }, { "category": "external", "summary": "RHBZ#1816337", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816337" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-9547", "url": "https://www.cve.org/CVERecord?id=CVE-2020-9547" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9547", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9547" } ], "release_date": "2020-03-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-07-02T13:21:10+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.4.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2813" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7.4.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in ibatis-sqlmap" }, { "cve": "CVE-2020-9548", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2020-03-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1816340" } ], "notes": [ { "category": "description", "text": "A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in anteros-core", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.4.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-9548" }, { "category": "external", "summary": "RHBZ#1816340", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816340" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-9548", "url": "https://www.cve.org/CVERecord?id=CVE-2020-9548" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9548", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9548" } ], "release_date": "2020-03-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-07-02T13:21:10+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.4.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2813" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7.4.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in anteros-core" }, { "acknowledgments": [ { "names": [ "ZeddYu" ] } ], "cve": "CVE-2020-10719", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2020-02-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1828459" } ], "notes": [ { "category": "description", "text": "A flaw was found in Undertow, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: invalid HTTP request with large chunk size", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.4.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-10719" }, { "category": "external", "summary": "RHBZ#1828459", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828459" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-10719", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10719" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10719", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10719" } ], "release_date": "2020-05-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-07-02T13:21:10+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.4.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2813" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7.4.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: invalid HTTP request with large chunk size" }, { "acknowledgments": [ { "names": [ "Lauritz Holtmann" ], "organization": "Chair for Network and Data Security at Ruhr University Bochum" } ], "cve": "CVE-2020-10748", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-05-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1836786" } ], "notes": [ { "category": "description", "text": "A flaw was found in Keycloak\u0027s data filter, where it allowed the processing of data URLs in some circumstances. This flaw allows an attacker to conduct cross-site scripting or further attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: top-level navigations to data URLs resulting in XSS are possible (incomplete fix of CVE-2020-1697)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.4.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-10748" }, { "category": "external", "summary": "RHBZ#1836786", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1836786" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-10748", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10748" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10748", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10748" } ], "release_date": "2020-07-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-07-02T13:21:10+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.4.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2813" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7.4.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "keycloak: top-level navigations to data URLs resulting in XSS are possible (incomplete fix of CVE-2020-1697)" }, { "cve": "CVE-2020-10969", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2020-03-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1819212" } ], "notes": [ { "category": "description", "text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in javax.swing.JEditorPane", "title": "Vulnerability summary" }, { "category": "other", "text": "While OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nThe PKI module as shipped in Red Hat Enterprise Linux 8 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used, lowering the impact of the vulnerability for the Product. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.4.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-10969" }, { "category": "external", "summary": "RHBZ#1819212", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819212" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-10969", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10969" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10969", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10969" } ], "release_date": "2020-03-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-07-02T13:21:10+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.4.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2813" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "Red Hat Single Sign-On 7.4.1" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7.4.1" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: Serialization gadgets in javax.swing.JEditorPane" }, { "cve": "CVE-2020-11022", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-04-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1828406" } ], "notes": [ { "category": "description", "text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method", "title": "Vulnerability summary" }, { "category": "other", "text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.4.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11022" }, { "category": "external", "summary": "RHBZ#1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11022" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2", "url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2" } ], "release_date": "2020-04-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-07-02T13:21:10+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.4.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2813" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7.4.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method" }, { "cve": "CVE-2020-11023", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1850004" } ], "notes": [ { "category": "description", "text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.4.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11023" }, { "category": "external", "summary": "RHBZ#1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023" }, { "category": "external", "summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/" } ], "release_date": "2020-04-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-07-02T13:21:10+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.4.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2813" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7.4.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods" } ] }
rhsa-2023_0553
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of\nservice, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute\n(CVE-2018-14040)\n\n* jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM\nmanipulation methods (CVE-2020-11023)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method\n(CVE-2020-11022)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy\n(CVE-2018-14041)\n\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability\n(CVE-2022-45047)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of\nService attacks (CVE-2022-40152)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of\ntooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute\n(CVE-2019-8331)\n\n* nodejs-moment: Regular expression denial of service (CVE-2017-18214)\n\n* wildfly-elytron: possible timing attacks via use of unsafe comparator\n(CVE-2022-3143)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS\n(CVE-2022-42003)\n\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n\n* jettison: memory exhaustion via user-supplied XML or JSON data\n(CVE-2022-40150)\n\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:0553", "url": "https://access.redhat.com/errata/RHSA-2023:0553" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/" }, { "category": "external", "summary": "1399546", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546" }, { "category": "external", "summary": "1553413", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413" }, { "category": "external", "summary": "1601614", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614" }, { "category": "external", "summary": "1601616", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616" }, { "category": "external", "summary": "1601617", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617" }, { "category": "external", "summary": "1668097", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097" }, { "category": "external", "summary": "1686454", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454" }, { "category": "external", "summary": "1701972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" }, { "category": "external", "summary": "1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "2124682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682" }, { "category": "external", "summary": "2134291", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291" }, { "category": "external", "summary": "2135244", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244" }, { "category": "external", "summary": "2135247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247" }, { "category": "external", "summary": "2135770", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770" }, { "category": "external", "summary": "2135771", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771" }, { "category": "external", "summary": "2145194", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194" }, { "category": "external", "summary": "2155682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682" }, { "category": "external", "summary": "2155970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970" }, { "category": "external", "summary": "JBEAP-23864", "url": "https://issues.redhat.com/browse/JBEAP-23864" }, { "category": "external", "summary": "JBEAP-23865", "url": "https://issues.redhat.com/browse/JBEAP-23865" }, { "category": "external", "summary": "JBEAP-23866", "url": "https://issues.redhat.com/browse/JBEAP-23866" }, { "category": "external", "summary": "JBEAP-23927", "url": "https://issues.redhat.com/browse/JBEAP-23927" }, { "category": "external", "summary": "JBEAP-24055", "url": "https://issues.redhat.com/browse/JBEAP-24055" }, { "category": "external", "summary": "JBEAP-24081", "url": "https://issues.redhat.com/browse/JBEAP-24081" }, { "category": "external", "summary": "JBEAP-24095", "url": "https://issues.redhat.com/browse/JBEAP-24095" }, { "category": "external", "summary": "JBEAP-24100", "url": "https://issues.redhat.com/browse/JBEAP-24100" }, { "category": "external", "summary": "JBEAP-24127", "url": "https://issues.redhat.com/browse/JBEAP-24127" }, { "category": "external", "summary": "JBEAP-24128", "url": "https://issues.redhat.com/browse/JBEAP-24128" }, { "category": "external", "summary": "JBEAP-24132", "url": "https://issues.redhat.com/browse/JBEAP-24132" }, { "category": "external", "summary": "JBEAP-24147", "url": "https://issues.redhat.com/browse/JBEAP-24147" }, { "category": "external", "summary": "JBEAP-24167", "url": "https://issues.redhat.com/browse/JBEAP-24167" }, { "category": "external", "summary": "JBEAP-24191", "url": "https://issues.redhat.com/browse/JBEAP-24191" }, { "category": "external", "summary": "JBEAP-24195", "url": "https://issues.redhat.com/browse/JBEAP-24195" }, { "category": "external", "summary": "JBEAP-24207", "url": "https://issues.redhat.com/browse/JBEAP-24207" }, { "category": "external", "summary": "JBEAP-24248", "url": "https://issues.redhat.com/browse/JBEAP-24248" }, { "category": "external", "summary": "JBEAP-24426", "url": "https://issues.redhat.com/browse/JBEAP-24426" }, { "category": "external", "summary": "JBEAP-24427", "url": "https://issues.redhat.com/browse/JBEAP-24427" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0553.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update", "tracking": { "current_release_date": "2024-11-15T13:21:52+00:00", "generator": { "date": "2024-11-15T13:21:52+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2023:0553", "initial_release_date": "2023-01-31T13:12:13+00:00", "revision_history": [ { "date": "2023-01-31T13:12:13+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-01-31T13:12:13+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T13:21:52+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss EAP 7.4 for RHEL 8", "product": { "name": "Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-elytron-web@1.9.3-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src", "product": { "name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src", "product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "product": { "name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "product": { "name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "product": { "name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "product": { "name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "product": { "name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "product_id": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.12.7-1.redhat_00003.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "product": { "name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "product": { "name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "product": { "name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "product": { "name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "product": { "name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "product": { "name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "product": { "name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "product": { "name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el8eap?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow-server@1.9.3-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product_id": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.12.7-1.redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product_id": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.12.7-1.redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "product_id": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-javaee-security-soteria-enterprise@1.0.1-3.redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product_id": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.12.7-1.redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product_id": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.12.7-1.redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product_id": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.12.7-1.redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "product": { "name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jgroups@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jms@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-search-engine@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-search-orm@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-search-serialization-avro@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.16-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-24.Final_redhat_00023.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-24.Final_redhat_00023.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "product_id": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.9-4.GA_redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "product_id": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.9-4.GA_redhat_00003.1.el8eap?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src" }, "product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src" }, "product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src" }, "product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src" }, "product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src" }, "product_reference": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src" }, "product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src" }, "product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src" }, "product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src" }, "product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch" }, "product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src" }, "product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src" }, "product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" }, "product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" } ] }, "vulnerabilities": [ { "cve": "CVE-2015-9251", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2016-11-27T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1399546" } ], "notes": [ { "category": "description", "text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Cross-site scripting via cross-domain ajax requests", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ], "known_not_affected": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-9251" }, { "category": "external", "summary": "RHBZ#1399546", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251", "url": "https://www.cve.org/CVERecord?id=CVE-2015-9251" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251" } ], "release_date": "2015-06-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:12:13+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0553" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jquery: Cross-site scripting via cross-domain ajax requests" }, { "cve": "CVE-2016-10735", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-01-09T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1668097" } ], "notes": [ { "category": "description", "text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: XSS in the data-target attribute", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ], "known_not_affected": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-10735" }, { "category": "external", "summary": "RHBZ#1668097", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735", "url": "https://www.cve.org/CVERecord?id=CVE-2016-10735" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735" } ], "release_date": "2016-06-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:12:13+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0553" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "bootstrap: XSS in the data-target attribute" }, { "cve": "CVE-2017-18214", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2018-03-08T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1553413" } ], "notes": [ { "category": "description", "text": "The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-moment: Regular expression denial of service", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of momentjs as shipped with Red Hat Enterprise Satellite 5. Red Hat Product Security has rated this issue as having security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ], "known_not_affected": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-18214" }, { "category": "external", "summary": "RHBZ#1553413", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-18214", "url": "https://www.cve.org/CVERecord?id=CVE-2017-18214" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214" } ], "release_date": "2017-09-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:12:13+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0553" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs-moment: Regular expression denial of service" }, { "cve": "CVE-2018-14040", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2018-07-13T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1601614" } ], "notes": [ { "category": "description", "text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ], "known_not_affected": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-14040" }, { "category": "external", "summary": "RHBZ#1601614", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14040" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040" } ], "release_date": "2018-05-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:12:13+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0553" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute" }, { "cve": "CVE-2018-14041", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2018-07-13T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1601616" } ], "notes": [ { "category": "description", "text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ], "known_not_affected": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-14041" }, { "category": "external", "summary": "RHBZ#1601616", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-14041", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14041" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041" } ], "release_date": "2018-05-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:12:13+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0553" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy" }, { "cve": "CVE-2018-14042", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2018-07-13T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1601617" } ], "notes": [ { "category": "description", "text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ], "known_not_affected": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-14042" }, { "category": "external", "summary": "RHBZ#1601617", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14042" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042" } ], "release_date": "2018-05-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:12:13+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0553" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip" }, { "cve": "CVE-2019-8331", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-02-20T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1686454" } ], "notes": [ { "category": "description", "text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: XSS in the tooltip or popover data-template attribute", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ], "known_not_affected": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-8331" }, { "category": "external", "summary": "RHBZ#1686454", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331", "url": "https://www.cve.org/CVERecord?id=CVE-2019-8331" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331" } ], "release_date": "2019-02-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:12:13+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0553" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "bootstrap: XSS in the tooltip or popover data-template attribute" }, { "cve": "CVE-2019-11358", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-03-28T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1701972" } ], "notes": [ { "category": "description", "text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ], "known_not_affected": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-11358" }, { "category": "external", "summary": "RHBZ#1701972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11358" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358" }, { "category": "external", "summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", "url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/" }, { "category": "external", "summary": "https://www.drupal.org/sa-core-2019-006", "url": "https://www.drupal.org/sa-core-2019-006" } ], "release_date": "2019-03-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:12:13+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0553" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection" }, { "cve": "CVE-2020-11022", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-04-23T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1828406" } ], "notes": [ { "category": "description", "text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method", "title": "Vulnerability summary" }, { "category": "other", "text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ], "known_not_affected": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11022" }, { "category": "external", "summary": "RHBZ#1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11022" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2", "url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2" } ], "release_date": "2020-04-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:12:13+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0553" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method" }, { "cve": "CVE-2020-11023", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-23T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1850004" } ], "notes": [ { "category": "description", "text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ], "known_not_affected": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11023" }, { "category": "external", "summary": "RHBZ#1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023" }, { "category": "external", "summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/" } ], "release_date": "2020-04-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:12:13+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0553" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods" }, { "cve": "CVE-2022-3143", "cwe": { "id": "CWE-208", "name": "Observable Timing Discrepancy" }, "discovery_date": "2022-09-06T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2124682" } ], "notes": [ { "category": "description", "text": "A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user.", "title": "Vulnerability description" }, { "category": "summary", "text": "wildfly-elytron: possible timing attacks via use of unsafe comparator", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch" ], "known_not_affected": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-3143" }, { "category": "external", "summary": "RHBZ#2124682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3143", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3143" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143" } ], "release_date": "2022-09-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:12:13+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0553" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "wildfly-elytron: possible timing attacks via use of unsafe comparator" }, { "cve": "CVE-2022-40149", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-10-18T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135771" } ], "notes": [ { "category": "description", "text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "jettison: parser crash by stackoverflow", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src" ], "known_not_affected": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-40149" }, { "category": "external", "summary": "RHBZ#2135771", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149", "url": "https://www.cve.org/CVERecord?id=CVE-2022-40149" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149" }, { "category": "external", "summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1", "url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1" } ], "release_date": "2022-09-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:12:13+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0553" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jettison: parser crash by stackoverflow" }, { "cve": "CVE-2022-40150", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-10-18T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135770" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "jettison: memory exhaustion via user-supplied XML or JSON data", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src" ], "known_not_affected": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-40150" }, { "category": "external", "summary": "RHBZ#2135770", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150", "url": "https://www.cve.org/CVERecord?id=CVE-2022-40150" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150" }, { "category": "external", "summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1", "url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1" } ], "release_date": "2022-09-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:12:13+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0553" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jettison: memory exhaustion via user-supplied XML or JSON data" }, { "cve": "CVE-2022-40152", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-10-13T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2134291" } ], "notes": [ { "category": "description", "text": "A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.", "title": "Vulnerability description" }, { "category": "summary", "text": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ], "known_not_affected": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-40152" }, { "category": "external", "summary": "RHBZ#2134291", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-40152", "url": "https://www.cve.org/CVERecord?id=CVE-2022-40152" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4", "url": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4" } ], "release_date": "2022-09-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:12:13+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0553" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks" }, { "cve": "CVE-2022-42003", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-10-17T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135244" } ], "notes": [ { "category": "description", "text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src" ], "known_not_affected": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-42003" }, { "category": "external", "summary": "RHBZ#2135244", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42003" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003" } ], "release_date": "2022-10-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:12:13+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0553" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS" }, { "cve": "CVE-2022-42004", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-10-17T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135247" } ], "notes": [ { "category": "description", "text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: use of deeply nested arrays", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src" ], "known_not_affected": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-42004" }, { "category": "external", "summary": "RHBZ#2135247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42004" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004" } ], "release_date": "2022-10-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:12:13+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0553" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: use of deeply nested arrays" }, { "cve": "CVE-2022-45047", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-11-23T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2145194" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.", "title": "Vulnerability description" }, { "category": "summary", "text": "mina-sshd: Java unsafe deserialization vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src" ], "known_not_affected": [ "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-45047" }, { "category": "external", "summary": "RHBZ#2145194", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047", "url": "https://www.cve.org/CVERecord?id=CVE-2022-45047" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047" }, { "category": "external", "summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html", "url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html" } ], "release_date": "2022-11-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:12:13+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0553" }, { "category": "workaround", "details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).", "product_ids": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mina-sshd: Java unsafe deserialization vulnerability" }, { "cve": "CVE-2022-45693", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-12-23T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2155970" } ], "notes": [ { "category": "description", "text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src" ], "known_not_affected": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-45693" }, { "category": "external", "summary": "RHBZ#2155970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693", "url": "https://www.cve.org/CVERecord?id=CVE-2022-45693" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693" } ], "release_date": "2022-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:12:13+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0553" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos" }, { "cve": "CVE-2022-46364", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "discovery_date": "2022-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2155682" } ], "notes": [ { "category": "description", "text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.", "title": "Vulnerability description" }, { "category": "summary", "text": "CXF: SSRF Vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-46364" }, { "category": "external", "summary": "RHBZ#2155682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364", "url": "https://www.cve.org/CVERecord?id=CVE-2022-46364" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364" }, { "category": "external", "summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2", "url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2" } ], "release_date": "2022-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:12:13+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0553" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "CXF: SSRF Vulnerability" } ] }
rhsa-2023_0556
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of\nservice, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n\n* jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM\nmanipulation methods (CVE-2020-11023)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy (CVE-2018-14041)\n\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of\nService attacks (CVE-2022-40152)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of\ntooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* nodejs-moment: Regular expression denial of service (CVE-2017-18214)\n\n* wildfly-elytron: possible timing attacks via use of unsafe comparator (CVE-2022-3143)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:0556", "url": "https://access.redhat.com/errata/RHSA-2023:0556" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=appplatform\u0026version=7.4", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=appplatform\u0026version=7.4" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/" }, { "category": "external", "summary": "1399546", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546" }, { "category": "external", "summary": "1553413", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413" }, { "category": "external", "summary": "1601614", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614" }, { "category": "external", "summary": "1601616", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616" }, { "category": "external", "summary": "1601617", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617" }, { "category": "external", "summary": "1668097", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097" }, { "category": "external", "summary": "1686454", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454" }, { "category": "external", "summary": "1701972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" }, { "category": "external", "summary": "1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "2124682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682" }, { "category": "external", "summary": "2134291", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291" }, { "category": "external", "summary": "2135244", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244" }, { "category": "external", "summary": "2135247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247" }, { "category": "external", "summary": "2135770", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770" }, { "category": "external", "summary": "2135771", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771" }, { "category": "external", "summary": "2145194", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194" }, { "category": "external", "summary": "2155682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682" }, { "category": "external", "summary": "2155970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970" }, { "category": "external", "summary": "JBEAP-23864", "url": "https://issues.redhat.com/browse/JBEAP-23864" }, { "category": "external", "summary": "JBEAP-23865", "url": "https://issues.redhat.com/browse/JBEAP-23865" }, { "category": "external", "summary": "JBEAP-23866", "url": "https://issues.redhat.com/browse/JBEAP-23866" }, { "category": "external", "summary": "JBEAP-24055", "url": "https://issues.redhat.com/browse/JBEAP-24055" }, { "category": "external", "summary": "JBEAP-24081", "url": "https://issues.redhat.com/browse/JBEAP-24081" }, { "category": "external", "summary": "JBEAP-24095", "url": "https://issues.redhat.com/browse/JBEAP-24095" }, { "category": "external", "summary": "JBEAP-24100", "url": "https://issues.redhat.com/browse/JBEAP-24100" }, { "category": "external", "summary": "JBEAP-24127", "url": "https://issues.redhat.com/browse/JBEAP-24127" }, { "category": "external", "summary": "JBEAP-24128", "url": "https://issues.redhat.com/browse/JBEAP-24128" }, { "category": "external", "summary": "JBEAP-24132", "url": "https://issues.redhat.com/browse/JBEAP-24132" }, { "category": "external", "summary": "JBEAP-24147", "url": "https://issues.redhat.com/browse/JBEAP-24147" }, { "category": "external", "summary": "JBEAP-24167", "url": "https://issues.redhat.com/browse/JBEAP-24167" }, { "category": "external", "summary": "JBEAP-24191", "url": "https://issues.redhat.com/browse/JBEAP-24191" }, { "category": "external", "summary": "JBEAP-24195", "url": "https://issues.redhat.com/browse/JBEAP-24195" }, { "category": "external", "summary": "JBEAP-24207", "url": "https://issues.redhat.com/browse/JBEAP-24207" }, { "category": "external", "summary": "JBEAP-24248", "url": "https://issues.redhat.com/browse/JBEAP-24248" }, { "category": "external", "summary": "JBEAP-24426", "url": "https://issues.redhat.com/browse/JBEAP-24426" }, { "category": "external", "summary": "JBEAP-24427", "url": "https://issues.redhat.com/browse/JBEAP-24427" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0556.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update", "tracking": { "current_release_date": "2024-11-15T13:21:25+00:00", "generator": { "date": "2024-11-15T13:21:25+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2023:0556", "initial_release_date": "2023-01-31T13:18:26+00:00", "revision_history": [ { "date": "2023-01-31T13:18:26+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-01-31T13:18:26+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T13:21:25+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 7", "product": { "name": "Red Hat JBoss Enterprise Application Platform 7", "product_id": "Red Hat JBoss Enterprise Application Platform 7", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2015-9251", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2016-11-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1399546" } ], "notes": [ { "category": "description", "text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Cross-site scripting via cross-domain ajax requests", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-9251" }, { "category": "external", "summary": "RHBZ#1399546", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251", "url": "https://www.cve.org/CVERecord?id=CVE-2015-9251" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251" } ], "release_date": "2015-06-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:18:26+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0556" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jquery: Cross-site scripting via cross-domain ajax requests" }, { "cve": "CVE-2016-10735", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-01-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1668097" } ], "notes": [ { "category": "description", "text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: XSS in the data-target attribute", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-10735" }, { "category": "external", "summary": "RHBZ#1668097", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735", "url": "https://www.cve.org/CVERecord?id=CVE-2016-10735" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735" } ], "release_date": "2016-06-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:18:26+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0556" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "bootstrap: XSS in the data-target attribute" }, { "cve": "CVE-2017-18214", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2018-03-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1553413" } ], "notes": [ { "category": "description", "text": "The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-moment: Regular expression denial of service", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of momentjs as shipped with Red Hat Enterprise Satellite 5. Red Hat Product Security has rated this issue as having security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-18214" }, { "category": "external", "summary": "RHBZ#1553413", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-18214", "url": "https://www.cve.org/CVERecord?id=CVE-2017-18214" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214" } ], "release_date": "2017-09-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:18:26+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0556" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs-moment: Regular expression denial of service" }, { "cve": "CVE-2018-14040", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2018-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1601614" } ], "notes": [ { "category": "description", "text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-14040" }, { "category": "external", "summary": "RHBZ#1601614", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14040" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040" } ], "release_date": "2018-05-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:18:26+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0556" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute" }, { "cve": "CVE-2018-14041", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2018-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1601616" } ], "notes": [ { "category": "description", "text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-14041" }, { "category": "external", "summary": "RHBZ#1601616", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-14041", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14041" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041" } ], "release_date": "2018-05-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:18:26+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0556" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy" }, { "cve": "CVE-2018-14042", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2018-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1601617" } ], "notes": [ { "category": "description", "text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-14042" }, { "category": "external", "summary": "RHBZ#1601617", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14042" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042" } ], "release_date": "2018-05-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:18:26+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0556" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip" }, { "cve": "CVE-2019-8331", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-02-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1686454" } ], "notes": [ { "category": "description", "text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: XSS in the tooltip or popover data-template attribute", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-8331" }, { "category": "external", "summary": "RHBZ#1686454", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331", "url": "https://www.cve.org/CVERecord?id=CVE-2019-8331" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331" } ], "release_date": "2019-02-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:18:26+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0556" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "bootstrap: XSS in the tooltip or popover data-template attribute" }, { "cve": "CVE-2019-11358", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-03-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1701972" } ], "notes": [ { "category": "description", "text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-11358" }, { "category": "external", "summary": "RHBZ#1701972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11358" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358" }, { "category": "external", "summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", "url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/" }, { "category": "external", "summary": "https://www.drupal.org/sa-core-2019-006", "url": "https://www.drupal.org/sa-core-2019-006" } ], "release_date": "2019-03-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:18:26+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0556" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection" }, { "cve": "CVE-2020-11022", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-04-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1828406" } ], "notes": [ { "category": "description", "text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method", "title": "Vulnerability summary" }, { "category": "other", "text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11022" }, { "category": "external", "summary": "RHBZ#1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11022" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2", "url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2" } ], "release_date": "2020-04-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:18:26+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0556" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method" }, { "cve": "CVE-2020-11023", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1850004" } ], "notes": [ { "category": "description", "text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11023" }, { "category": "external", "summary": "RHBZ#1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023" }, { "category": "external", "summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/" } ], "release_date": "2020-04-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:18:26+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0556" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods" }, { "cve": "CVE-2022-3143", "cwe": { "id": "CWE-208", "name": "Observable Timing Discrepancy" }, "discovery_date": "2022-09-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2124682" } ], "notes": [ { "category": "description", "text": "A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user.", "title": "Vulnerability description" }, { "category": "summary", "text": "wildfly-elytron: possible timing attacks via use of unsafe comparator", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-3143" }, { "category": "external", "summary": "RHBZ#2124682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3143", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3143" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143" } ], "release_date": "2022-09-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:18:26+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0556" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "wildfly-elytron: possible timing attacks via use of unsafe comparator" }, { "cve": "CVE-2022-40149", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-10-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135771" } ], "notes": [ { "category": "description", "text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "jettison: parser crash by stackoverflow", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-40149" }, { "category": "external", "summary": "RHBZ#2135771", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149", "url": "https://www.cve.org/CVERecord?id=CVE-2022-40149" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149" }, { "category": "external", "summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1", "url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1" } ], "release_date": "2022-09-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:18:26+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0556" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jettison: parser crash by stackoverflow" }, { "cve": "CVE-2022-40150", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-10-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135770" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "jettison: memory exhaustion via user-supplied XML or JSON data", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-40150" }, { "category": "external", "summary": "RHBZ#2135770", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150", "url": "https://www.cve.org/CVERecord?id=CVE-2022-40150" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150" }, { "category": "external", "summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1", "url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1" } ], "release_date": "2022-09-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:18:26+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0556" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jettison: memory exhaustion via user-supplied XML or JSON data" }, { "cve": "CVE-2022-40152", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-10-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2134291" } ], "notes": [ { "category": "description", "text": "A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.", "title": "Vulnerability description" }, { "category": "summary", "text": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-40152" }, { "category": "external", "summary": "RHBZ#2134291", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-40152", "url": "https://www.cve.org/CVERecord?id=CVE-2022-40152" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4", "url": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4" } ], "release_date": "2022-09-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:18:26+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0556" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks" }, { "cve": "CVE-2022-42003", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-10-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135244" } ], "notes": [ { "category": "description", "text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-42003" }, { "category": "external", "summary": "RHBZ#2135244", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42003" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003" } ], "release_date": "2022-10-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:18:26+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0556" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS" }, { "cve": "CVE-2022-42004", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-10-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135247" } ], "notes": [ { "category": "description", "text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: use of deeply nested arrays", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-42004" }, { "category": "external", "summary": "RHBZ#2135247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42004" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004" } ], "release_date": "2022-10-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:18:26+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0556" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: use of deeply nested arrays" }, { "cve": "CVE-2022-45047", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-11-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2145194" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.", "title": "Vulnerability description" }, { "category": "summary", "text": "mina-sshd: Java unsafe deserialization vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-45047" }, { "category": "external", "summary": "RHBZ#2145194", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047", "url": "https://www.cve.org/CVERecord?id=CVE-2022-45047" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047" }, { "category": "external", "summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html", "url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html" } ], "release_date": "2022-11-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:18:26+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0556" }, { "category": "workaround", "details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mina-sshd: Java unsafe deserialization vulnerability" }, { "cve": "CVE-2022-45693", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-12-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2155970" } ], "notes": [ { "category": "description", "text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-45693" }, { "category": "external", "summary": "RHBZ#2155970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693", "url": "https://www.cve.org/CVERecord?id=CVE-2022-45693" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693" } ], "release_date": "2022-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:18:26+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0556" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos" }, { "cve": "CVE-2022-46363", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2022-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2155681" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.", "title": "Vulnerability description" }, { "category": "summary", "text": "CXF: directory listing / code exfiltration", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-46363" }, { "category": "external", "summary": "RHBZ#2155681", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-46363", "url": "https://www.cve.org/CVERecord?id=CVE-2022-46363" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363" }, { "category": "external", "summary": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c", "url": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c" } ], "release_date": "2022-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:18:26+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0556" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "CXF: directory listing / code exfiltration" }, { "cve": "CVE-2022-46364", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "discovery_date": "2022-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2155682" } ], "notes": [ { "category": "description", "text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.", "title": "Vulnerability description" }, { "category": "summary", "text": "CXF: SSRF Vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-46364" }, { "category": "external", "summary": "RHBZ#2155682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364", "url": "https://www.cve.org/CVERecord?id=CVE-2022-46364" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364" }, { "category": "external", "summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2", "url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2" } ], "release_date": "2022-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:18:26+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0556" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "CXF: SSRF Vulnerability" } ] }
rhsa-2020_4298
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat OpenShift Container Platform 4.6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic (CVE-2020-9283)\n\n* SSL/TLS: CBC padding timing attack (lucky-13) (CVE-2013-0169)\n\n* grafana: XSS vulnerability via a column style on the \"Dashboard \u003e Table Panel\" screen (CVE-2018-18624)\n\n* js-jquery: prototype pollution in object\u0027s prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)\n\n* npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions (CVE-2019-16769)\n\n* kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06) (CVE-2020-7013)\n\n* nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload (CVE-2020-7598)\n\n* npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser (CVE-2020-7662)\n\n* nodejs-lodash: prototype pollution in zipObjectDeep function (CVE-2020-8203)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* jQuery: passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\n* grafana: stored XSS (CVE-2020-11110)\n\n* grafana: XSS annotation popup vulnerability (CVE-2020-12052)\n\n* grafana: XSS via column.title or cellLinkTooltip (CVE-2020-12245)\n\n* nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures (CVE-2020-13822)\n\n* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)\n\n* nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function (CVE-2020-15366)\n\n* openshift/console: text injection on error page via crafted url (CVE-2020-10715)\n\n* kibana: X-Frame-Option not set by default might lead to clickjacking (CVE-2020-10743)\n\n* openshift: restricted SCC allows pods to craft custom network packets (CVE-2020-14336)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:4298", "url": "https://access.redhat.com/errata/RHSA-2020:4298" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "907589", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=907589" }, { "category": "external", "summary": "1701972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" }, { "category": "external", "summary": "1767665", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1767665" }, { "category": "external", "summary": "1804533", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1804533" }, { "category": "external", "summary": "1813344", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813344" }, { "category": "external", "summary": "1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "1834550", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834550" }, { "category": "external", "summary": "1845982", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1845982" }, { "category": "external", "summary": "1848089", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848089" }, { "category": "external", "summary": "1848092", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848092" }, { "category": "external", "summary": "1848643", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848643" }, { "category": "external", "summary": "1848647", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848647" }, { "category": "external", "summary": "1849044", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849044" }, { "category": "external", "summary": "1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "1850572", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850572" }, { "category": "external", "summary": "1853652", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853652" }, { "category": "external", "summary": "1857412", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857412" }, { "category": "external", "summary": "1857977", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857977" }, { "category": "external", "summary": "1858981", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1858981" }, { "category": "external", "summary": "1861044", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861044" }, { "category": "external", "summary": "1874671", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874671" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4298.json" } ], "title": "Red Hat Security Advisory: OpenShift Container Platform 4.6.1 image security update", "tracking": { "current_release_date": "2024-11-15T08:39:29+00:00", "generator": { "date": "2024-11-15T08:39:29+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:4298", "initial_release_date": "2020-10-27T16:22:20+00:00", "revision_history": [ { "date": "2020-10-27T16:22:20+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-10-27T16:22:20+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T08:39:29+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift Container Platform 4.6", "product": { "name": "Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:4.6::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "branches": [ { "category": "product_version", "name": "openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "product": { "name": "openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "product_id": "openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-autoscaler\u0026tag=v4.6.0-202009291152.p0" } } }, { "category": "product_version", "name": "openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "product": { "name": "openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "product_id": "openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "product": { "name": "openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "product_id": "openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-machine-controllers\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "product": { "name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "product_id": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-etcd-rhel8-operator\u0026tag=v4.6.0-202010062159.p0" } } }, { "category": "product_version", "name": "openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "product": { "name": "openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "product_id": "openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-coredns\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "product": { "name": "openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "product_id": "openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-attacher-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "product": { "name": "openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "product_id": "openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-attacher\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "product": { "name": "openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "product_id": "openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-livenessprobe\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "product": { "name": "openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "product_id": "openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-livenessprobe-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "product": { "name": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "product_id": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-node-driver-registrar-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "product": { "name": "openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "product_id": "openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-node-driver-registrar\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "product": { "name": "openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "product_id": "openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-provisioner\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "product": { "name": "openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "product_id": "openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-provisioner-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "product": { "name": "openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "product_id": "openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-operator\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "product": { "name": "openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "product_id": "openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-oauth-proxy\u0026tag=v4.6.0-202010010929.p0" } } }, { "category": "product_version", "name": "openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "product": { "name": "openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "product_id": "openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-prometheus\u0026tag=v4.6.0-202009290409.p0" } } }, { "category": "product_version", "name": "openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "product": { "name": "openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "product_id": "openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-grafana\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "product": { "name": "openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "product_id": "openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-kube-rbac-proxy\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "product": { "name": "openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "product_id": "openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "product": { "name": "openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "product_id": "openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "product": { "name": "openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "product_id": "openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-logging-kibana6\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "product": { "name": "openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "product_id": "openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-operator-marketplace\u0026tag=v4.6.0-202010081538.p0" } } }, { "category": "product_version", "name": "openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "product": { "name": "openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "product_id": "openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-multus-cni\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "product": { "name": "openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "product_id": "openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "product": { "name": "openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "product_id": "openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-docker-builder\u0026tag=v4.6.0-202010120952.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "product": { "name": "openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "product_id": "openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cli\u0026tag=v4.6.0-202010080605.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "product": { "name": "openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "product_id": "openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "product": { "name": "openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "product_id": "openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-console\u0026tag=v4.6.0-202010100121.p0" } } }, { "category": "product_version", "name": "openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "product": { "name": "openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "product_id": "openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-console-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "product": { "name": "openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "product_id": "openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-hyperkube\u0026tag=v4.6.0-202010081843.p0" } } }, { "category": "product_version", "name": "openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "product": { "name": "openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "product_id": "openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-docker-registry\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le", "product": { "name": "openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le", "product_id": "openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-tests\u0026tag=v4.6.0-202010120952.p0" } } }, { "category": "product_version", "name": "openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "product": { "name": "openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "product_id": "openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-operator-lifecycle-manager\u0026tag=v4.6.0-202010130555.p0" } } }, { "category": "product_version", "name": "openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "product": { "name": "openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "product_id": "openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-operator-registry\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "product": { "name": "openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "product_id": "openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-rhel8-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "product": { "name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "product_id": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-runtimecfg-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "product": { "name": "openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "product_id": "openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cli-artifacts\u0026tag=v4.6.0-202010080605.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "product": { "name": "openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "product_id": "openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cloud-credential-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "product": { "name": "openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "product_id": "openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-authentication-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "product": { "name": "openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "product_id": "openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-autoscaler-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "product": { "name": "openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "product_id": "openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-config-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "product": { "name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "product_id": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "product": { "name": "openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "product_id": "openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-dns-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "product": { "name": "openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "product_id": "openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-image-registry-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "product": { "name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "product_id": "openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-apiserver-operator\u0026tag=v4.6.0-202010090300.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "product": { "name": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "product_id": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-controller-manager-operator\u0026tag=v4.6.0-202010081538.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "product": { "name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "product": { "name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "product": { "name": "openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "product_id": "openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-scheduler-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "product": { "name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "product_id": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "product": { "name": "openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "product_id": "openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-machine-approver\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "product": { "name": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "product_id": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-openshift-apiserver-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "product": { "name": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "product_id": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-openshift-controller-manager-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "product": { "name": "openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "product_id": "openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-policy-controller-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "product": { "name": "openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "product_id": "openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-samples-operator\u0026tag=v4.6.0-202009290409.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "product": { "name": "openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "product_id": "openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-storage-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "product": { "name": "openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "product_id": "openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-resizer\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "product": { "name": "openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "product_id": "openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-resizer-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "product": { "name": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "product_id": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-snapshotter-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "product": { "name": "openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "product_id": "openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-snapshotter\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "product": { "name": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "product_id": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-snapshot-controller-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "product": { "name": "openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "product_id": "openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-snapshot-controller\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "product": { "name": "openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "product_id": "openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-etcd\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "product": { "name": "openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "product_id": "openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-gcp-machine-controllers-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "product": { "name": "openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "product_id": "openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-installer\u0026tag=v4.6.0-202010081843.p0" } } }, { "category": "product_version", "name": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "product": { "name": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "product_id": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-kube-storage-version-migrator-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "product": { "name": "openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "product_id": "openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "product": { "name": "openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "product_id": "openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-machine-config-operator\u0026tag=v4.6.0-202010220220.p0" } } }, { "category": "product_version", "name": "openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "product": { "name": "openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "product_id": "openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-mdns-publisher-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "product": { "name": "openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "product_id": "openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-multus-admission-controller\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "product": { "name": "openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "product_id": "openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-multus-route-override-cni-rhel8\u0026tag=v4.6.0-202010012244.p0" } } }, { "category": "product_version", "name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "product": { "name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "product_id": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-multus-whereabouts-ipam-cni-rhel8\u0026tag=v4.6.0-202010011936.p0" } } }, { "category": "product_version", "name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "product": { "name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "product_id": "openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-network-metrics-daemon-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "product": { "name": "openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "product_id": "openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-oauth-apiserver-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "product": { "name": "openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "product_id": "openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-openshift-apiserver-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "product": { "name": "openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "product_id": "openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-openshift-controller-manager-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "product": { "name": "openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "product_id": "openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "product": { "name": "openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "product_id": "openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-service-ca-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "product": { "name": "openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "product": { "name": "openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "product_id": "openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "product": { "name": "openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "product_id": "openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "product": { "name": "openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "product_id": "openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.6.0-202010200139.p0" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "product": { "name": "openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "product_id": "openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-autoscaler\u0026tag=v4.6.0-202009291152.p0" } } }, { "category": "product_version", "name": "openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "product": { "name": "openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "product_id": "openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "product": { "name": "openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "product_id": "openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-machine-controllers\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "product": { "name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "product_id": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-etcd-rhel8-operator\u0026tag=v4.6.0-202010062159.p0" } } }, { "category": "product_version", "name": "openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "product": { "name": "openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "product_id": "openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-coredns\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "product": { "name": "openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "product_id": "openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-attacher-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "product": { "name": "openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "product_id": "openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-attacher\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "product": { "name": "openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "product_id": "openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-livenessprobe\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "product": { "name": "openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "product_id": "openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-livenessprobe-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "product": { "name": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "product_id": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-node-driver-registrar-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "product": { "name": "openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "product_id": "openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-node-driver-registrar\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "product": { "name": "openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "product_id": "openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-provisioner\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "product": { "name": "openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "product_id": "openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-provisioner-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "product": { "name": "openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "product_id": "openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-operator\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "product": { "name": "openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "product_id": "openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-oauth-proxy\u0026tag=v4.6.0-202010010929.p0" } } }, { "category": "product_version", "name": "openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "product": { "name": "openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "product_id": "openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-prometheus\u0026tag=v4.6.0-202009290409.p0" } } }, { "category": "product_version", "name": "openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "product": { "name": "openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "product_id": "openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-grafana\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "product": { "name": "openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "product_id": "openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-kube-rbac-proxy\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "product": { "name": "openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "product_id": "openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "product": { "name": "openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "product_id": "openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "product": { "name": "openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "product_id": "openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-logging-kibana6\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "product": { "name": "openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "product_id": "openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-operator-marketplace\u0026tag=v4.6.0-202010081538.p0" } } }, { "category": "product_version", "name": "openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "product": { "name": "openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "product_id": "openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-multus-cni\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "product": { "name": "openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "product_id": "openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "product": { "name": "openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "product_id": "openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-docker-builder\u0026tag=v4.6.0-202010120952.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "product": { "name": "openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "product_id": "openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cli\u0026tag=v4.6.0-202010080605.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "product": { "name": "openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "product_id": "openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "product": { "name": "openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "product_id": "openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-console\u0026tag=v4.6.0-202010100121.p0" } } }, { "category": "product_version", "name": "openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "product": { "name": "openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "product_id": "openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-console-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "product": { "name": "openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "product_id": "openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-hyperkube\u0026tag=v4.6.0-202010081843.p0" } } }, { "category": "product_version", "name": "openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "product": { "name": "openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "product_id": "openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-docker-registry\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "product": { "name": "openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "product_id": "openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-tests\u0026tag=v4.6.0-202010120952.p0" } } }, { "category": "product_version", "name": "openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "product": { "name": "openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "product_id": "openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-operator-lifecycle-manager\u0026tag=v4.6.0-202010130555.p0" } } }, { "category": "product_version", "name": "openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "product": { "name": "openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "product_id": "openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-operator-registry\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "product": { "name": "openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "product_id": "openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-rhel8-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "product": { "name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "product_id": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-runtimecfg-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "product": { "name": "openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "product_id": "openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cli-artifacts\u0026tag=v4.6.0-202010080605.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "product": { "name": "openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "product_id": "openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cloud-credential-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "product": { "name": "openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "product_id": "openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-authentication-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "product": { "name": "openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "product_id": "openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-autoscaler-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "product": { "name": "openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "product_id": "openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-config-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "product": { "name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "product_id": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "product": { "name": "openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "product_id": "openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-dns-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "product": { "name": "openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "product_id": "openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-image-registry-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "product": { "name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "product_id": "openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-apiserver-operator\u0026tag=v4.6.0-202010090300.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "product": { "name": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "product_id": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-controller-manager-operator\u0026tag=v4.6.0-202010081538.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "product": { "name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "product": { "name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "product": { "name": "openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "product_id": "openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-scheduler-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "product": { "name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "product_id": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "product": { "name": "openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "product_id": "openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-machine-approver\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "product": { "name": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "product_id": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-openshift-apiserver-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "product": { "name": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "product_id": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-openshift-controller-manager-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "product": { "name": "openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "product_id": "openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-policy-controller-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "product": { "name": "openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "product_id": "openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-samples-operator\u0026tag=v4.6.0-202009290409.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "product": { "name": "openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "product_id": "openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-storage-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "product": { "name": "openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "product_id": "openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-resizer\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "product": { "name": "openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "product_id": "openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-resizer-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "product": { "name": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "product_id": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-snapshotter-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "product": { "name": "openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "product_id": "openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-snapshotter\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "product": { "name": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "product_id": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-snapshot-controller-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "product": { "name": "openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "product_id": "openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-snapshot-controller\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "product": { "name": "openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "product_id": "openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-etcd\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "product": { "name": "openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "product_id": "openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-installer\u0026tag=v4.6.0-202010081843.p0" } } }, { "category": "product_version", "name": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "product": { "name": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "product_id": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-kube-storage-version-migrator-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "product": { "name": "openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "product_id": "openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "product": { "name": "openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "product_id": "openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-machine-config-operator\u0026tag=v4.6.0-202010220220.p0" } } }, { "category": "product_version", "name": "openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "product": { "name": "openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "product_id": "openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-mdns-publisher-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "product": { "name": "openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "product_id": "openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-multus-admission-controller\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "product": { "name": "openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "product_id": "openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-multus-route-override-cni-rhel8\u0026tag=v4.6.0-202010012244.p0" } } }, { "category": "product_version", "name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "product": { "name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "product_id": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-multus-whereabouts-ipam-cni-rhel8\u0026tag=v4.6.0-202010011936.p0" } } }, { "category": "product_version", "name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "product": { "name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "product_id": "openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-network-metrics-daemon-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "product": { "name": "openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "product_id": "openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-oauth-apiserver-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "product": { "name": "openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "product_id": "openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-openshift-apiserver-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "product": { "name": "openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "product_id": "openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-openshift-controller-manager-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "product": { "name": "openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "product_id": "openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "product": { "name": "openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "product_id": "openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-service-ca-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "product": { "name": "openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "product": { "name": "openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "product_id": "openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "product": { "name": "openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "product_id": "openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "product": { "name": "openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "product_id": "openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.6.0-202010200139.p0" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "product": { "name": "openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "product_id": "openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-autoscaler\u0026tag=v4.6.0-202009291152.p0" } } }, { "category": "product_version", "name": "openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "product": { "name": "openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "product_id": "openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "product": { "name": "openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "product_id": "openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-machine-controllers\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "product": { "name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "product_id": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-etcd-rhel8-operator\u0026tag=v4.6.0-202010062159.p0" } } }, { "category": "product_version", "name": "openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "product": { "name": "openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "product_id": "openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-coredns\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "product": { "name": "openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "product_id": "openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-attacher-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "product": { "name": "openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "product_id": "openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-attacher\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "product": { "name": "openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "product_id": "openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-livenessprobe\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "product": { "name": "openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "product_id": "openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-livenessprobe-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "product": { "name": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "product_id": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-node-driver-registrar-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "product": { "name": "openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "product_id": "openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-node-driver-registrar\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "product": { "name": "openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "product_id": "openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-provisioner\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "product": { "name": "openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "product_id": "openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-provisioner-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "product": { "name": "openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "product_id": "openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-operator\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "product": { "name": "openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "product_id": "openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-oauth-proxy\u0026tag=v4.6.0-202010010929.p0" } } }, { "category": "product_version", "name": "openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "product": { "name": "openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "product_id": "openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-prometheus\u0026tag=v4.6.0-202009290409.p0" } } }, { "category": "product_version", "name": "openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "product": { "name": "openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "product_id": "openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-grafana\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "product": { "name": "openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "product_id": "openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-kube-rbac-proxy\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "product": { "name": "openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "product_id": "openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "product": { "name": "openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "product_id": "openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "product": { "name": "openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "product_id": "openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-logging-kibana6\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "product": { "name": "openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "product_id": "openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-operator-marketplace\u0026tag=v4.6.0-202010081538.p0" } } }, { "category": "product_version", "name": "openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "product": { "name": "openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "product_id": "openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-multus-cni\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "product": { "name": "openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "product_id": "openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "product": { "name": "openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "product_id": "openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-docker-builder\u0026tag=v4.6.0-202010120952.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "product": { "name": "openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "product_id": "openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cli\u0026tag=v4.6.0-202010080605.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "product": { "name": "openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "product_id": "openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "product": { "name": "openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "product_id": "openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-console\u0026tag=v4.6.0-202010100121.p0" } } }, { "category": "product_version", "name": "openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "product": { "name": "openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "product_id": "openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-console-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "product": { "name": "openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "product_id": "openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-hyperkube\u0026tag=v4.6.0-202010081843.p0" } } }, { "category": "product_version", "name": "openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "product": { "name": "openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "product_id": "openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-docker-registry\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "product": { "name": "openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "product_id": "openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-tests\u0026tag=v4.6.0-202010120952.p0" } } }, { "category": "product_version", "name": "openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "product": { "name": "openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "product_id": "openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-operator-lifecycle-manager\u0026tag=v4.6.0-202010130555.p0" } } }, { "category": "product_version", "name": "openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "product": { "name": "openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "product_id": "openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-operator-registry\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "product": { "name": "openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "product_id": "openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-aws-machine-controllers\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "product": { "name": "openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "product_id": "openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-azure-machine-controllers\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "product": { "name": "openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "product_id": "openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-rhel8-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "product": { "name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "product_id": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-runtimecfg-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "product": { "name": "openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "product_id": "openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cli-artifacts\u0026tag=v4.6.0-202010080605.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "product": { "name": "openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "product_id": "openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cloud-credential-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "product": { "name": "openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "product_id": "openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-authentication-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "product": { "name": "openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "product_id": "openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-autoscaler-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "product": { "name": "openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "product_id": "openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-config-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "product": { "name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "product_id": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "product": { "name": "openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "product_id": "openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-dns-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "product": { "name": "openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "product_id": "openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-image-registry-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "product": { "name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "product_id": "openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-apiserver-operator\u0026tag=v4.6.0-202010090300.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "product": { "name": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "product_id": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-controller-manager-operator\u0026tag=v4.6.0-202010081538.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "product": { "name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "product": { "name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "product": { "name": "openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "product_id": "openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-scheduler-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "product": { "name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "product_id": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "product": { "name": "openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "product_id": "openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-machine-approver\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "product": { "name": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "product_id": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-openshift-apiserver-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "product": { "name": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "product_id": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-openshift-controller-manager-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "product": { "name": "openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "product_id": "openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-policy-controller-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "product": { "name": "openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "product_id": "openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-samples-operator\u0026tag=v4.6.0-202009290409.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "product": { "name": "openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "product_id": "openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-storage-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "product": { "name": "openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "product_id": "openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-resizer\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "product": { "name": "openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "product_id": "openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-resizer-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "product": { "name": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "product_id": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-snapshotter-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "product": { "name": "openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "product_id": "openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-snapshotter\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "product": { "name": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "product_id": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-snapshot-controller-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "product": { "name": "openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "product_id": "openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-snapshot-controller\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "product": { "name": "openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "product_id": "openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-etcd\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "product": { "name": "openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "product_id": "openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-gcp-machine-controllers-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "product": { "name": "openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "product_id": "openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-installer\u0026tag=v4.6.0-202010081843.p0" } } }, { "category": "product_version", "name": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "product": { "name": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "product_id": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-kube-storage-version-migrator-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "product": { "name": "openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "product_id": "openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "product": { "name": "openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "product_id": "openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-machine-config-operator\u0026tag=v4.6.0-202010220220.p0" } } }, { "category": "product_version", "name": "openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "product": { "name": "openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "product_id": "openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-mdns-publisher-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "product": { "name": "openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "product_id": "openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-reporting-operator\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "product": { "name": "openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "product_id": "openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-multus-admission-controller\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "product": { "name": "openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "product_id": "openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-multus-route-override-cni-rhel8\u0026tag=v4.6.0-202010012244.p0" } } }, { "category": "product_version", "name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "product": { "name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "product_id": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-multus-whereabouts-ipam-cni-rhel8\u0026tag=v4.6.0-202010011936.p0" } } }, { "category": "product_version", "name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "product": { "name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "product_id": "openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-network-metrics-daemon-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "product": { "name": "openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "product_id": "openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-oauth-apiserver-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "product": { "name": "openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "product_id": "openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-openshift-apiserver-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "product": { "name": "openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "product_id": "openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-openshift-controller-manager-rhel8\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "product": { "name": "openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "product_id": "openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "product": { "name": "openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "product_id": "openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-service-ca-operator\u0026tag=v4.6.0-202010061132.p0" } } }, { "category": "product_version", "name": "openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "product": { "name": "openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "product_id": "openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-presto\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "product": { "name": "openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "product": { "name": "openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "product_id": "openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "product": { "name": "openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "product_id": "openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.6.0-202010200139.p0" } } }, { "category": "product_version", "name": "openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "product": { "name": "openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "product_id": "openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.6.0-202010200139.p0" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le" }, "product_reference": "openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x" }, "product_reference": "openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64" }, "product_reference": "openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64" }, "product_reference": "openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64" }, "product_reference": "openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64" }, "product_reference": "openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le" }, "product_reference": "openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x" }, "product_reference": "openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64" }, "product_reference": "openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le" }, "product_reference": "openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x" }, "product_reference": "openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64" }, "product_reference": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x" }, "product_reference": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le" }, "product_reference": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x" }, "product_reference": "openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64" }, "product_reference": "openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le" }, "product_reference": "openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64" }, "product_reference": "openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x" }, "product_reference": "openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le" }, "product_reference": "openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64" }, "product_reference": "openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x" }, "product_reference": "openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le" }, "product_reference": "openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64" }, "product_reference": "openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le" }, "product_reference": "openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x" }, "product_reference": "openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x" }, "product_reference": "openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le" }, "product_reference": "openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64" }, "product_reference": "openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x" }, "product_reference": "openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64" }, "product_reference": "openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le" }, "product_reference": "openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x" }, "product_reference": "openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64" }, "product_reference": "openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le" }, "product_reference": "openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64" }, "product_reference": "openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x" }, "product_reference": "openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le" }, "product_reference": "openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x" }, "product_reference": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64" }, "product_reference": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le" }, "product_reference": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le" }, "product_reference": "openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x" }, "product_reference": "openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64" }, "product_reference": "openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64" }, "product_reference": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x" }, "product_reference": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le" }, "product_reference": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le" }, "product_reference": "openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x" }, "product_reference": "openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64" }, "product_reference": "openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le" }, "product_reference": "openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64" }, "product_reference": "openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x" }, "product_reference": "openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x" }, "product_reference": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le" }, "product_reference": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64" }, "product_reference": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x" }, "product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64" }, "product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le" }, "product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x" }, "product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64" }, "product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le" }, "product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64" }, "product_reference": "openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x" }, "product_reference": "openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le" }, "product_reference": "openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le" }, "product_reference": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x" }, "product_reference": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64" }, "product_reference": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x" }, "product_reference": "openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le" }, "product_reference": "openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64" }, "product_reference": "openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le" }, "product_reference": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64" }, "product_reference": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x" }, "product_reference": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x" }, "product_reference": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le" }, "product_reference": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64" }, "product_reference": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x" }, "product_reference": "openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le" }, "product_reference": "openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64" }, "product_reference": "openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le" }, "product_reference": "openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x" }, "product_reference": "openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64" }, "product_reference": "openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64" }, "product_reference": "openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le" }, "product_reference": "openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x" }, "product_reference": "openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le" }, "product_reference": "openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64" }, "product_reference": "openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x" }, "product_reference": "openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le" }, "product_reference": "openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x" }, "product_reference": "openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64" }, "product_reference": "openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64" }, "product_reference": "openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le" }, "product_reference": "openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x" }, "product_reference": "openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64" }, "product_reference": "openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le" }, "product_reference": "openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x" }, "product_reference": "openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64" }, "product_reference": "openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le" }, "product_reference": "openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x" }, "product_reference": "openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le" }, "product_reference": "openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x" }, "product_reference": "openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64" }, "product_reference": "openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le" }, "product_reference": "openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x" }, "product_reference": "openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64" }, "product_reference": "openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64" }, "product_reference": "openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x" }, "product_reference": "openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le" }, "product_reference": "openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64" }, "product_reference": "openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x" }, "product_reference": "openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le" }, "product_reference": "openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64" }, "product_reference": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x" }, "product_reference": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le" }, "product_reference": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64" }, "product_reference": "openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x" }, "product_reference": "openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le" }, "product_reference": "openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64" }, "product_reference": "openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le" }, "product_reference": "openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x" }, "product_reference": "openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64" }, "product_reference": "openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le" }, "product_reference": "openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x" }, "product_reference": "openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x" }, "product_reference": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64" }, "product_reference": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le" }, "product_reference": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x" }, "product_reference": "openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64" }, "product_reference": "openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le" }, "product_reference": "openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x" }, "product_reference": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le" }, "product_reference": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64" }, "product_reference": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x" }, "product_reference": "openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le" }, "product_reference": "openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64" }, "product_reference": "openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64" }, "product_reference": "openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le" }, "product_reference": "openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x" }, "product_reference": "openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64" }, "product_reference": "openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x" }, "product_reference": "openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le" }, "product_reference": "openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x" }, "product_reference": "openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le" }, "product_reference": "openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64" }, "product_reference": "openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le" }, "product_reference": "openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64" }, "product_reference": "openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x" }, "product_reference": "openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x" }, "product_reference": "openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64" }, "product_reference": "openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le" }, "product_reference": "openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le" }, "product_reference": "openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64" }, "product_reference": "openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64" }, "product_reference": "openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le" }, "product_reference": "openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x" }, "product_reference": "openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le" }, "product_reference": "openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64" }, "product_reference": "openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x" }, "product_reference": "openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le" }, "product_reference": "openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64" }, "product_reference": "openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x" }, "product_reference": "openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x" }, "product_reference": "openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le" }, "product_reference": "openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64" }, "product_reference": "openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x" }, "product_reference": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64" }, "product_reference": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le" }, "product_reference": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x" }, "product_reference": "openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64" }, "product_reference": "openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le" }, "product_reference": "openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le" }, "product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x" }, "product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64" }, "product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x" }, "product_reference": "openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64" }, "product_reference": "openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le" }, "product_reference": "openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x" }, "product_reference": "openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64" }, "product_reference": "openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le" }, "product_reference": "openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le" }, "product_reference": "openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64" }, "product_reference": "openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x" }, "product_reference": "openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64" }, "product_reference": "openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64" }, "product_reference": "openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le" }, "product_reference": "openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x" }, "product_reference": "openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64" }, "product_reference": "openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le" }, "product_reference": "openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64" }, "product_reference": "openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x" }, "product_reference": "openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le" }, "product_reference": "openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64" }, "product_reference": "openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x" }, "product_reference": "openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le" }, "product_reference": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x" }, "product_reference": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64" }, "product_reference": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le" }, "product_reference": "openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64" }, "product_reference": "openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x" }, "product_reference": "openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64" }, "product_reference": "openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le" }, "product_reference": "openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x" }, "product_reference": "openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64" }, "product_reference": "openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x" }, "product_reference": "openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le" }, "product_reference": "openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le" }, "product_reference": "openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64" }, "product_reference": "openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x" }, "product_reference": "openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le" }, "product_reference": "openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x" }, "product_reference": "openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64" }, "product_reference": "openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x" }, "product_reference": "openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64" }, "product_reference": "openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le" }, "product_reference": "openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64" }, "product_reference": "openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x" }, "product_reference": "openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le" }, "product_reference": "openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x" }, "product_reference": "openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le" }, "product_reference": "openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64" }, "product_reference": "openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x" }, "product_reference": "openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64" }, "product_reference": "openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le" }, "product_reference": "openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x" }, "product_reference": "openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le" }, "product_reference": "openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64" }, "product_reference": "openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le" }, "product_reference": "openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64" }, "product_reference": "openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x" }, "product_reference": "openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64" }, "product_reference": "openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le" }, "product_reference": "openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x" }, "product_reference": "openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x" }, "product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64" }, "product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le" }, "product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le" }, "product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64" }, "product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x" }, "product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64" }, "product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le" }, "product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x" }, "product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64" }, "product_reference": "openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x" }, "product_reference": "openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le" }, "product_reference": "openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x" }, "product_reference": "openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64" }, "product_reference": "openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" }, "product_reference": "openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" } ] }, "vulnerabilities": [ { "cve": "CVE-2013-0169", "discovery_date": "2013-02-04T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "907589" } ], "notes": [ { "category": "description", "text": "The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS: CBC padding timing attack (lucky-13)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-0169" }, { "category": "external", "summary": "RHBZ#907589", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=907589" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-0169", "url": "https://www.cve.org/CVERecord?id=CVE-2013-0169" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0169", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0169" }, { "category": "external", "summary": "http://www.isg.rhul.ac.uk/tls/", "url": "http://www.isg.rhul.ac.uk/tls/" }, { "category": "external", "summary": "http://www.openssl.org/news/secadv_20130205.txt", "url": "http://www.openssl.org/news/secadv_20130205.txt" }, { "category": "external", "summary": "https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released", "url": "https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released" } ], "release_date": "2013-02-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-27T16:22:20+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4298" }, { "category": "workaround", "details": "On OpenShift Container Platform 3.11 it\u0027s possible to edit the list of cipher suites offered by the router when performing \u0027edge\u0027, or \u0027re-encrypt\u0027 TLS modes. Please follow the documentation [1], and [2] to remove the vulnerable CBC ciphers use the modern, or intermediate cipher suites outlined by Mozilla instead [3]. In \u0027passthrough\u0027 mode TLS termination occurs in the application so that is another way to mitigate the vulnerability.\n[1] https://docs.openshift.com/container-platform/3.11/install_config/router/customized_haproxy_router.html#obtaining-router-configuration-template\n[2] https://docs.openshift.com/container-platform/3.11/install_config/router/customized_haproxy_router.html#using-configmap-replace-template\n[3] https://wiki.mozilla.org/Security/Server_Side_TLS", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "SSL/TLS: CBC padding timing attack (lucky-13)" }, { "cve": "CVE-2018-18624", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-24T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1850572" } ], "notes": [ { "category": "description", "text": "A flaw was found in grafana. An incomplete fix for CVE-2018-12099 allows for a XSS via a column style on the \"Dashboard \u003e Table Panel\" screen.", "title": "Vulnerability description" }, { "category": "summary", "text": "grafana: XSS vulnerability via a column style on the \"Dashboard \u003e Table Panel\" screen", "title": "Vulnerability summary" }, { "category": "other", "text": "Both OpenShift 3.11 and 4.x grafana-container\u0027s package a vulnerable version of grafana. However the grafana instance is set to read-only meaning that the potential XSS attack cannot be performed as the table panel cannot be modified or added. As OpenShift still packages the vulnerable code, the components are affected but with impact Low.\n\nIn OpenShift ServiceMesh the grafana component is a vulnerable version, however as it is behind OpenShift OAuth restricting access to authenticated users only the impact is Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-18624" }, { "category": "external", "summary": "RHBZ#1850572", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850572" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-18624", "url": "https://www.cve.org/CVERecord?id=CVE-2018-18624" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-18624", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-18624" }, { "category": "external", "summary": "https://security.netapp.com/advisory/ntap-20200608-0008/", "url": "https://security.netapp.com/advisory/ntap-20200608-0008/" } ], "release_date": "2020-06-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-27T16:22:20+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "grafana: XSS vulnerability via a column style on the \"Dashboard \u003e Table Panel\" screen" }, { "cve": "CVE-2019-11358", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-03-28T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1701972" } ], "notes": [ { "category": "description", "text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-11358" }, { "category": "external", "summary": "RHBZ#1701972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11358" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358" }, { "category": "external", "summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", "url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/" }, { "category": "external", "summary": "https://www.drupal.org/sa-core-2019-006", "url": "https://www.drupal.org/sa-core-2019-006" } ], "release_date": "2019-03-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-27T16:22:20+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection" }, { "cve": "CVE-2019-16769", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-17T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1848092" } ], "notes": [ { "category": "description", "text": "A XSS flaw was found in npm-serialize-javascript. It does not properly mitigate against unsafe characters in serialized regular expressions. This vulnerability is not affected on Node.js environment since Node.js\u0027s implementation of RegExp.prototype.toString() backslash-escapes all forward slashes in regular expressions. If serialized data of regular expression objects are used in an environment other than Node.js, it is affected by this vulnerability.", "title": "Vulnerability description" }, { "category": "summary", "text": "npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions", "title": "Vulnerability summary" }, { "category": "other", "text": "In both OpenShift Container Platform (OCP) and OpenShift ServiceMesh (OSSM), the grafana and prometheus containers are behind OpenShift OAuth authentication. This restricts access to the vulnerable serialize-javascript library to authenticated users only, therefore the impact is low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-16769" }, { "category": "external", "summary": "RHBZ#1848092", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848092" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-16769", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16769" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16769", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16769" } ], "release_date": "2020-05-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-27T16:22:20+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions" }, { "cve": "CVE-2020-7013", "cwe": { "id": "CWE-94", "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)" }, "discovery_date": "2020-06-19T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1849044" } ], "notes": [ { "category": "description", "text": "Kibana versions before 6.8.9 and 7.7.0 contain a prototype pollution flaw in TSVB. An authenticated attacker with privileges to create TSVB visualizations could insert data that would cause Kibana to execute arbitrary code. This could possibly lead to an attacker executing code with the permissions of the Kibana process on the host system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06)", "title": "Vulnerability summary" }, { "category": "other", "text": "To mitigate this vulnerability you can set \"metrics.enabled: false\" in kibana.yml", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-7013" }, { "category": "external", "summary": "RHBZ#1849044", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849044" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-7013", "url": "https://www.cve.org/CVERecord?id=CVE-2020-7013" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7013", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7013" }, { "category": "external", "summary": "https://discuss.elastic.co/t/elastic-stack-6-8-9-and-7-7-0-security-update/235571", "url": "https://discuss.elastic.co/t/elastic-stack-6-8-9-and-7-7-0-security-update/235571" } ], "release_date": "2020-06-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-27T16:22:20+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06)" }, { "cve": "CVE-2020-7598", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2020-03-11T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1813344" } ], "notes": [ { "category": "description", "text": "A flaw was found in nodejs-minimist, where it was tricked into adding or modifying properties of the Object.prototype using a \"constructor\" or \"__proto__\" payload. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Quay only includes minimist as a dependency of the test suites, and it not include it in the product. We may fix this issue in a future Red Hat Quay release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-7598" }, { "category": "external", "summary": "RHBZ#1813344", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813344" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-7598", "url": "https://www.cve.org/CVERecord?id=CVE-2020-7598" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7598", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7598" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-MINIMIST-559764", "url": "https://snyk.io/vuln/SNYK-JS-MINIMIST-559764" } ], "release_date": "2020-03-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-27T16:22:20+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload" }, { "cve": "CVE-2020-7662", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2020-06-02T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1845982" } ], "notes": [ { "category": "description", "text": "websocket-extensions npm module prior to 0.1.4 allows Denial of Service (DoS) via Regex Backtracking. The extension parser may take quadratic time when parsing a header containing an unclosed string parameter value whose content is a repeating two-byte sequence of a backslash and some other character. This could be abused by an attacker to conduct Regex Denial Of Service (ReDoS) on a single-threaded server by providing a malicious payload with the Sec-WebSocket-Extensions header.", "title": "Vulnerability description" }, { "category": "summary", "text": "npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser", "title": "Vulnerability summary" }, { "category": "other", "text": "In both OpenShift Container Platform (OCP) and OpenShift ServiceMesh (OSSM), the grafana and prometheus containers are behind OpenShift OAuth restricting access to the vulnerable websocket-extension to authenticated users only, therefore the impact is Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-7662" }, { "category": "external", "summary": "RHBZ#1845982", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1845982" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-7662", "url": "https://www.cve.org/CVERecord?id=CVE-2020-7662" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7662", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7662" }, { "category": "external", "summary": "https://github.com/faye/websocket-extensions-node/security/advisories/GHSA-g78m-2chm-r7qv", "url": "https://github.com/faye/websocket-extensions-node/security/advisories/GHSA-g78m-2chm-r7qv" } ], "release_date": "2020-06-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-27T16:22:20+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser" }, { "cve": "CVE-2020-8203", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2020-07-15T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1857412" } ], "notes": [ { "category": "description", "text": "A flaw was found in nodejs-lodash in versions 4.17.15 and earlier. A prototype pollution attack is possible which can lead to arbitrary code execution. The primary threat from this vulnerability is to data integrity and system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-lodash: prototype pollution in zipObjectDeep function", "title": "Vulnerability summary" }, { "category": "other", "text": "In OpenShift ServiceMesh (OSSM), Red Hat OpenShift Jaeger (RHOSJ) and Red Hat OpenShift Container Platform (RHOCP), the affected containers are behind OpenShift OAuth authentication. This restricts access to the vulnerable nodejs-lodash library to authenticated users only, therefore the impact is low.\n\nRed Hat OpenShift Container Platform 4 delivers the kibana package where the nodejs-lodash library is used, but due to the code changing to the container first content the kibana package is marked as wontfix. This may be fixed in the future.\n\nRed Hat Virtualization uses vulnerable version of nodejs-lodash, however zipObjectDeep is not used, therefore the impact is low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-8203" }, { "category": "external", "summary": "RHBZ#1857412", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857412" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-8203", "url": "https://www.cve.org/CVERecord?id=CVE-2020-8203" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8203", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8203" }, { "category": "external", "summary": "https://hackerone.com/reports/712065", "url": "https://hackerone.com/reports/712065" }, { "category": "external", "summary": "https://www.npmjs.com/advisories/1523", "url": "https://www.npmjs.com/advisories/1523" } ], "release_date": "2020-04-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-27T16:22:20+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs-lodash: prototype pollution in zipObjectDeep function" }, { "acknowledgments": [ { "names": [ "the Kubernetes Product Security Committee" ] }, { "names": [ "Wouter ter Maat" ], "organization": "Offensi", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2020-8559", "cwe": { "id": "CWE-601", "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)" }, "discovery_date": "2020-06-26T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1851422" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Kubernetes API server, where it allows an attacker to escalate their privileges from a compromised node. This flaw allows an attacker who can intercept requests on a compromised node, to redirect those requests, along with their credentials, to perform actions on other endpoints that trust those credentials (including other clusters), allowing for escalation of privileges. The highest threat from this vulnerability is to confidentiality, integrity, and system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "kubernetes: compromised node could escalate to cluster level privileges", "title": "Vulnerability summary" }, { "category": "other", "text": "Kubernetes is embedded in the version of heketi shipped with Red Hat Gluster Storage 3. However, it does not use Kubernetes API server part and only uses client side bits. Hence, this flaw does not affect heketi.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-8559" }, { "category": "external", "summary": "RHBZ#1851422", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851422" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-8559", "url": "https://www.cve.org/CVERecord?id=CVE-2020-8559" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8559", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8559" }, { "category": "external", "summary": "https://groups.google.com/g/kubernetes-security-announce/c/JAIGG5yNROs", "url": "https://groups.google.com/g/kubernetes-security-announce/c/JAIGG5yNROs" } ], "release_date": "2020-07-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-27T16:22:20+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4298" }, { "category": "workaround", "details": "No mitigation is known.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kubernetes: compromised node could escalate to cluster level privileges" }, { "cve": "CVE-2020-9283", "cwe": { "id": "CWE-130", "name": "Improper Handling of Length Parameter Inconsistency" }, "discovery_date": "2020-02-19T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1804533" } ], "notes": [ { "category": "description", "text": "A denial of service vulnerability was found in the SSH package of the golang.org/x/crypto library. An attacker could exploit this flaw by supplying crafted SSH ed25519 keys to cause a crash in applications that use this package as either an SSH client or server.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform uses the vulnerable library in a number of components but strictly as an SSH client. The severity of this vulnerability is reduced for clients as it requires connections to malicious SSH servers, with the maximum impact only a client crash. This vulnerability is rated Low for OpenShift Container Platform.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-9283" }, { "category": "external", "summary": "RHBZ#1804533", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1804533" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-9283", "url": "https://www.cve.org/CVERecord?id=CVE-2020-9283" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9283", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9283" }, { "category": "external", "summary": "https://groups.google.com/forum/#!topic/golang-announce/3L45YRc91SY", "url": "https://groups.google.com/forum/#!topic/golang-announce/3L45YRc91SY" } ], "release_date": "2020-02-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-27T16:22:20+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic" }, { "cve": "CVE-2020-10715", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2019-10-18T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1767665" } ], "notes": [ { "category": "description", "text": "A content spoofing vulnerability was found in the openshift/console. This flaw allows an attacker to craft a URL and inject arbitrary text onto the error page that appears to be from the OpenShift instance. This attack could potentially convince a user that the inserted text is legitimate.", "title": "Vulnerability description" }, { "category": "summary", "text": "openshift/console: text injection on error page via crafted url", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-10715" }, { "category": "external", "summary": "RHBZ#1767665", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1767665" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-10715", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10715" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10715", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10715" } ], "release_date": "2020-07-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-27T16:22:20+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "openshift/console: text injection on error page via crafted url" }, { "cve": "CVE-2020-10743", "cwe": { "id": "CWE-358", "name": "Improperly Implemented Security Check for Standard" }, "discovery_date": "2020-05-05T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1834550" } ], "notes": [ { "category": "description", "text": "It was discovered that OpenShift Container Platform\u0027s (OCP) distribution of Kibana could open in an iframe, which made it possible to intercept and manipulate requests. This flaw allows an attacker to trick a user into performing arbitrary actions in OCP\u0027s distribution of Kibana, such as clickjacking.", "title": "Vulnerability description" }, { "category": "summary", "text": "kibana: X-Frame-Option not set by default might lead to clickjacking", "title": "Vulnerability summary" }, { "category": "other", "text": "This CVE relates specifically to OpenShift Container Platform\u0027s distribution of Kibana. Upstream Kibana don\u0027t consider this a vulnerability, but may address this in a future version:\n\nhttps://github.com/elastic/kibana/issues/52809", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-10743" }, { "category": "external", "summary": "RHBZ#1834550", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834550" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-10743", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10743" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10743", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10743" } ], "release_date": "2020-01-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-27T16:22:20+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4298" }, { "category": "workaround", "details": "Any Kibana version with this commit [1] can add the following configuration option to mitigation the problem:\n\nconfig/kibana.yml:\nserver.customResponseHeaders: {\"x-frame-options\":\"deny\"}\nor\nserver.customResponseHeaders: {\"x-frame-options\":\"sameorigin\"}\n\n[1] https://github.com/elastic/kibana/pull/13045", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kibana: X-Frame-Option not set by default might lead to clickjacking" }, { "cve": "CVE-2020-11022", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-04-23T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1828406" } ], "notes": [ { "category": "description", "text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method", "title": "Vulnerability summary" }, { "category": "other", "text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11022" }, { "category": "external", "summary": "RHBZ#1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11022" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2", "url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2" } ], "release_date": "2020-04-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-27T16:22:20+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method" }, { "cve": "CVE-2020-11023", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-23T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1850004" } ], "notes": [ { "category": "description", "text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11023" }, { "category": "external", "summary": "RHBZ#1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023" }, { "category": "external", "summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/" } ], "release_date": "2020-04-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-27T16:22:20+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods" }, { "cve": "CVE-2020-11110", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-07-27T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1861044" } ], "notes": [ { "category": "description", "text": "A flaw was found in grafana. The lack of URL sanitizing allows for stored XSS.", "title": "Vulnerability description" }, { "category": "summary", "text": "grafana: stored XSS", "title": "Vulnerability summary" }, { "category": "other", "text": "Both OpenShift 3.11 and 4.x grafana-container\u0027s package a vulnerable version of grafana. However the grafana instance is set to read-only meaning that the potential XSS attack cannot be performed because the original url field cannot be modified. Access to the grafana panel is additionally behind OpenShift OAuth proxy and requires admin permissions.\nAs OpenShift still packages the vulnerable code, the components are affected but the impact is Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11110" }, { "category": "external", "summary": "RHBZ#1861044", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861044" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11110", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11110" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11110", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11110" } ], "release_date": "2020-04-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-27T16:22:20+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "grafana: stored XSS" }, { "cve": "CVE-2020-12052", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-17T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1848089" } ], "notes": [ { "category": "description", "text": "A flaw was found in grafana. The software is vulnerable to an annotation popup XSS.", "title": "Vulnerability description" }, { "category": "summary", "text": "grafana: XSS annotation popup vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the version of the grafana package as shipped with Red Hat Ceph Storage (RHCS) version 2. Ceph-2 has reached End of Extended Life Cycle Support and no longer fixing moderates/lows.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-12052" }, { "category": "external", "summary": "RHBZ#1848089", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848089" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-12052", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12052" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-12052", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12052" } ], "release_date": "2020-04-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-27T16:22:20+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "grafana: XSS annotation popup vulnerability" }, { "cve": "CVE-2020-12245", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-04-25T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1848643" } ], "notes": [ { "category": "description", "text": "A flaw was found in grafana. A XSS is possible in table-panel via column.title or cellLinkTooltip.", "title": "Vulnerability description" }, { "category": "summary", "text": "grafana: XSS via column.title or cellLinkTooltip", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-12245" }, { "category": "external", "summary": "RHBZ#1848643", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848643" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-12245", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12245" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-12245", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12245" } ], "release_date": "2020-04-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-27T16:22:20+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "grafana: XSS via column.title or cellLinkTooltip" }, { "cve": "CVE-2020-13822", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2020-06-04T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1848647" } ], "notes": [ { "category": "description", "text": "The Elliptic for Node.js allows ECDSA signature malleability via variations in encoding, leading \u0027\\0\u0027 bytes, or integer overflows. This could conceivably have a security-relevant impact if an application relied on a single canonical signature.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures", "title": "Vulnerability summary" }, { "category": "other", "text": "In both OpenShift Container Platform (OCP) and OpenShift ServiceMesh (OSSM), the grafana and prometheus containers don\u0027t use the vulnerable elliptic library for authentication (OpenShift OAuth is used) or traffic communications (OpenShift route is used). Therefore the impact for OCP and OSSM is Low.\n\nRed Hat Quay includes nodejs-elliptic as a dependency of webpack. That dependency is only used at development time, not runtime. Therefore this vulnerability is rated low for Red Hat Quay.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-13822" }, { "category": "external", "summary": "RHBZ#1848647", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848647" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-13822", "url": "https://www.cve.org/CVERecord?id=CVE-2020-13822" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-13822", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13822" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-ELLIPTIC-571484", "url": "https://snyk.io/vuln/SNYK-JS-ELLIPTIC-571484" } ], "release_date": "2020-06-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-27T16:22:20+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures" }, { "cve": "CVE-2020-14040", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "discovery_date": "2020-06-17T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1853652" } ], "notes": [ { "category": "description", "text": "A denial of service vulnerability was found in the golang.org/x/text library. A library or application must use one of the vulnerable functions, such as unicode.Transform, transform.String, or transform.Byte, to be susceptible to this vulnerability. If an attacker is able to supply specific characters or strings to the vulnerable application, there is the potential to cause an infinite loop to occur using more memory, resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash", "title": "Vulnerability summary" }, { "category": "other", "text": "* OpenShift ServiceMesh (OSSM) 1.0 is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities. Jaeger was packaged with ServiceMesh in 1.0, and hence is also marked OOSS, but the Jaeger-Operator is a standalone product and is affected by this vulnerability.\n\n* Because Service Telemetry Framework does not directly use unicode.UTF16, no update will be provided at this time for STF\u0027s sg-core-container.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-14040" }, { "category": "external", "summary": "RHBZ#1853652", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853652" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-14040", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14040" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14040", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14040" }, { "category": "external", "summary": "https://github.com/golang/go/issues/39491", "url": "https://github.com/golang/go/issues/39491" }, { "category": "external", "summary": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0", "url": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0" } ], "release_date": "2020-06-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-27T16:22:20+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash" }, { "acknowledgments": [ { "names": [ "Yuval Kashtan" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2020-14336", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2020-06-25T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1858981" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Restricted Security Context Constraints (SCC), where it allows pods to craft custom network packets. This flaw allows an attacker to cause a denial of service attack on an OpenShift Container Platform cluster if they can deploy pods. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "openshift: restricted SCC allows pods to craft custom network packets", "title": "Vulnerability summary" }, { "category": "other", "text": "By default, the OpenShift Container Platform uses the OpenShift SDN network interface. This interface makes this attack impractical by implementing IPTable rules on the host side of the virtual network interface, isolating network traffic to within the pod.\n\nIf the OpenShift Container Platform has the sriov-network-operator deployed, it is at a greater risk for exploitation. \n\nIf installing a new OCP 4.6 cluster no changes are required. If upgrading a cluster from an earlier version to 4.5.16 be sure to delete 99-worker-generated-crio-capabilities and 99-master-generated-crio-capabilities machine controllers once you have tested that dropping NET_RAW does not break your cluster workload.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-14336" }, { "category": "external", "summary": "RHBZ#1858981", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1858981" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-14336", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14336" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14336", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14336" } ], "release_date": "2020-07-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-27T16:22:20+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4298" }, { "category": "workaround", "details": "On OCP 3.11 create a custom SCC based on \u0027restricted\u0027 and also drop the NET_RAW capability[1]. Assign this custom SCC to any users, or groups which create pods you want to protect. See the documentation for more information [2]. \n[1] https://access.redhat.com/solutions/5611521\n[2] https://docs.openshift.com/container-platform/3.11/admin_guide/manage_scc.html", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "openshift: restricted SCC allows pods to craft custom network packets" }, { "cve": "CVE-2020-15366", "cwe": { "id": "CWE-471", "name": "Modification of Assumed-Immutable Data (MAID)" }, "discovery_date": "2020-07-15T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1857977" } ], "notes": [ { "category": "description", "text": "A flaw was found in nodejs-ajv. A carefully crafted JSON schema could be provided that allows execution of other code by prototype pollution. While untrusted schemas are recommended against, the worst case of an untrusted schema should be a denial of service, not execution of code.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function", "title": "Vulnerability summary" }, { "category": "other", "text": "In both OpenShift Container Platform (OCP) and OpenShift ServiceMesh (OSSM), the affected containers are behind OpenShift OAuth authentication. This restricts access to the vulnerable nodejs-ajv library to authenticated users only, therefore the impact is low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x", "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x", "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64", "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64", "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64", "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x", "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64", "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64", "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-15366" }, { "category": "external", "summary": "RHBZ#1857977", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857977" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-15366", "url": "https://www.cve.org/CVERecord?id=CVE-2020-15366" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15366", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15366" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-AJV-584908", "url": "https://snyk.io/vuln/SNYK-JS-AJV-584908" } ], "release_date": "2020-07-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-27T16:22:20+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x", "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64", "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function" } ] }
rhsa-2023_1049
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "A security update is now available for Red Hat Single Sign-On 7.6 from the Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.6.2 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n* keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)\n* Moment.js: Path traversal in moment.locale (CVE-2022-24785)\n* keycloak: missing email notification template allowlist (CVE-2022-1274)\n* keycloak: minimist: prototype pollution (CVE-2021-44906)\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n* undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations (CVE-2022-2764)\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n* loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)\n* keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)\n* keycloak: path traversal via double URL encoding (CVE-2022-3782)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)\n* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)\n* keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)\n* keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)\n* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)\n* keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)\n* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)\n* rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)\n* keycloak: reflected XSS attack (CVE-2022-4137)\n* Keycloak Node.js Adapter: Open redirect vulnerability in checkSSO (CVE-2022-2237)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:1049", "url": "https://access.redhat.com/errata/RHSA-2023:1049" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1601614", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614" }, { "category": "external", "summary": "1601617", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617" }, { "category": "external", "summary": "1701972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" }, { "category": "external", "summary": "1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "2031904", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904" }, { "category": "external", "summary": "2066009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009" }, { "category": "external", "summary": "2072009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009" }, { "category": "external", "summary": "2073157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157" }, { "category": "external", "summary": "2097007", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2097007" }, { "category": "external", "summary": "2105075", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075" }, { "category": "external", "summary": "2117506", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506" }, { "category": "external", "summary": "2126789", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789" }, { "category": "external", "summary": "2129706", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706" }, { "category": "external", "summary": "2129707", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707" }, { "category": "external", "summary": "2129709", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709" }, { "category": "external", "summary": "2135244", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244" }, { "category": "external", "summary": "2135247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247" }, { "category": "external", "summary": "2135770", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770" }, { "category": "external", "summary": "2135771", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771" }, { "category": "external", "summary": "2138971", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138971" }, { "category": "external", "summary": "2140597", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597" }, { "category": "external", "summary": "2141404", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404" }, { "category": "external", "summary": "2145194", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194" }, { "category": "external", "summary": "2148496", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496" }, { "category": "external", "summary": "2150009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009" }, { "category": "external", "summary": "2155681", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681" }, { "category": "external", "summary": "2155682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682" }, { "category": "external", "summary": "2155970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970" }, { "category": "external", "summary": "2156263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263" }, { "category": "external", "summary": "2156324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324" }, { "category": "external", "summary": "2158585", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585" }, { "category": "external", "summary": "2160585", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1049.json" } ], "title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update", "tracking": { "current_release_date": "2024-11-21T21:15:42+00:00", "generator": { "date": "2024-11-21T21:15:42+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2023:1049", "initial_release_date": "2023-03-01T21:58:17+00:00", "revision_history": [ { "date": "2023-03-01T21:58:17+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-03-01T21:58:17+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-21T21:15:42+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Single Sign-On 7", "product": { "name": "Red Hat Single Sign-On 7", "product_id": "Red Hat Single Sign-On 7", "product_identification_helper": { "cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6" } } } ], "category": "product_family", "name": "Red Hat Single Sign-On" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-14040", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2018-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1601614" } ], "notes": [ { "category": "description", "text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-14040" }, { "category": "external", "summary": "RHBZ#1601614", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14040" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040" } ], "release_date": "2018-05-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute" }, { "cve": "CVE-2018-14042", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2018-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1601617" } ], "notes": [ { "category": "description", "text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-14042" }, { "category": "external", "summary": "RHBZ#1601617", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14042" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042" } ], "release_date": "2018-05-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip" }, { "cve": "CVE-2019-11358", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-03-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1701972" } ], "notes": [ { "category": "description", "text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-11358" }, { "category": "external", "summary": "RHBZ#1701972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11358" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358" }, { "category": "external", "summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", "url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/" }, { "category": "external", "summary": "https://www.drupal.org/sa-core-2019-006", "url": "https://www.drupal.org/sa-core-2019-006" } ], "release_date": "2019-03-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection" }, { "cve": "CVE-2020-11022", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-04-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1828406" } ], "notes": [ { "category": "description", "text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method", "title": "Vulnerability summary" }, { "category": "other", "text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11022" }, { "category": "external", "summary": "RHBZ#1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11022" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2", "url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2" } ], "release_date": "2020-04-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method" }, { "cve": "CVE-2020-11023", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1850004" } ], "notes": [ { "category": "description", "text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11023" }, { "category": "external", "summary": "RHBZ#1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023" }, { "category": "external", "summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/" } ], "release_date": "2020-04-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods" }, { "cve": "CVE-2021-35065", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-12-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2156324" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "glob-parent: Regular Expression Denial of Service", "title": "Vulnerability summary" }, { "category": "other", "text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-35065" }, { "category": "external", "summary": "RHBZ#2156324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065", "url": "https://www.cve.org/CVERecord?id=CVE-2021-35065" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065" }, { "category": "external", "summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294", "url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294" } ], "release_date": "2022-12-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "glob-parent: Regular Expression Denial of Service" }, { "cve": "CVE-2021-44906", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-03-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2066009" } ], "notes": [ { "category": "description", "text": "An Uncontrolled Resource Consumption flaw was found in minimist. This flaw allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "minimist: prototype pollution", "title": "Vulnerability summary" }, { "category": "other", "text": "The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. While this flaw (CVE-2021-44906) enables attackers to control objects that they should not have access to, actual exploitation would still require a chain of independent flaws. Even though the CVSS for CVE-2021-44906 is higher than CVE-2020-7598, they are both rated as having Moderate impact.\n\nWithin Red Hat Satellite 6 this flaw has been rated as having a security impact of Low. It is not currently planned to be addressed there, as the minimist library is only included in the -doc subpackage and is part of test fixtures that are not in the execution path used by the rabl gem.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44906" }, { "category": "external", "summary": "RHBZ#2066009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44906", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44906" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-xvch-5gv4-984h", "url": "https://github.com/advisories/GHSA-xvch-5gv4-984h" } ], "release_date": "2022-03-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "minimist: prototype pollution" }, { "acknowledgments": [ { "names": [ "Marcus Nilsson" ], "organization": "usd AG" } ], "cve": "CVE-2022-1274", "cwe": { "id": "CWE-80", "name": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)" }, "discovery_date": "2022-04-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2073157" } ], "notes": [ { "category": "description", "text": "A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: HTML injection in execute-actions-email Admin REST API", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-1274" }, { "category": "external", "summary": "RHBZ#2073157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1274", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1274" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274" }, { "category": "external", "summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725", "url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725" } ], "release_date": "2023-02-28T18:57:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "keycloak: HTML injection in execute-actions-email Admin REST API" }, { "acknowledgments": [ { "names": [ "Grzegorz Tworek" ], "organization": "SISOFT s.c." } ], "cve": "CVE-2022-1438", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2021-12-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2031904" } ], "notes": [ { "category": "description", "text": "A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: XSS on impersonation under specific circumstances", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-1438" }, { "category": "external", "summary": "RHBZ#2031904", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1438", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1438" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438" } ], "release_date": "2023-02-28T18:56:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "keycloak: XSS on impersonation under specific circumstances" }, { "cve": "CVE-2022-1471", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-12-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2150009" } ], "notes": [ { "category": "description", "text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).", "title": "Vulnerability description" }, { "category": "summary", "text": "SnakeYaml: Constructor Deserialization Remote Code Execution", "title": "Vulnerability summary" }, { "category": "other", "text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-1471" }, { "category": "external", "summary": "RHBZ#2150009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1471" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471" }, { "category": "external", "summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2", "url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2" } ], "release_date": "2022-10-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "SnakeYaml: Constructor Deserialization Remote Code Execution" }, { "acknowledgments": [ { "names": [ "Ayta\u00e7 Kal\u0131nc\u0131", "Ilker Bulgurcu", "Yasin Y\u0131lmaz" ], "organization": "NETA\u015e PENTEST TEAM" } ], "cve": "CVE-2022-2237", "cwe": { "id": "CWE-601", "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)" }, "discovery_date": "2022-06-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2097007" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Keycloak Node.js Adapter. This flaw allows an attacker to benefit from an Open Redirect vulnerability in the checkSso function.", "title": "Vulnerability description" }, { "category": "summary", "text": "Adapter: Open redirect vulnerability in checkSSO", "title": "Vulnerability summary" }, { "category": "other", "text": "CodeReady Studio is no longer supported. Therefore, this flaw will not be addressed in CodeReady Studio. Please see https://developers.redhat.com/articles/2022/04/18/announcement-red-hat-codeready-studio-reaches-end-life for more information.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-2237" }, { "category": "external", "summary": "RHBZ#2097007", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2097007" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-2237", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2237" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2237", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2237" } ], "release_date": "2023-03-01T13:57:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Adapter: Open redirect vulnerability in checkSSO" }, { "cve": "CVE-2022-2764", "discovery_date": "2022-08-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2117506" } ], "notes": [ { "category": "description", "text": "A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LAST_CHUNK from the bytes, causing a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-2764" }, { "category": "external", "summary": "RHBZ#2117506", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-2764", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2764" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764" } ], "release_date": "2022-08-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations" }, { "cve": "CVE-2022-3782", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2022-10-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2138971" } ], "notes": [ { "category": "description", "text": "A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. An attacker can use this flaw to construct a malicious request to bypass validation and access other URLs and potentially sensitive information within the domain or possibly conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: path traversal via double URL encoding", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Build of Quarkus is not impacted as this CVE affects the server-side Keycloak execution but Quarkus only acts as a Keycloak client in its quarkus-keycloak-authorization extension. For this reason Quarkus is marked with Low impact.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-3782" }, { "category": "external", "summary": "RHBZ#2138971", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138971" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3782", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3782" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3782", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3782" } ], "release_date": "2022-12-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "keycloak: path traversal via double URL encoding" }, { "acknowledgments": [ { "names": [ "Peter Flintholm" ], "organization": "Trifork" } ], "cve": "CVE-2022-3916", "cwe": { "id": "CWE-384", "name": "Session Fixation" }, "discovery_date": "2022-11-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2141404" } ], "notes": [ { "category": "description", "text": "A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: Session takeover with OIDC offline refreshtokens", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-3916" }, { "category": "external", "summary": "RHBZ#2141404", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3916", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3916" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916" } ], "release_date": "2022-11-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "keycloak: Session takeover with OIDC offline refreshtokens" }, { "cve": "CVE-2022-4137", "cwe": { "id": "CWE-81", "name": "Improper Neutralization of Script in an Error Message Web Page" }, "discovery_date": "2022-11-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2148496" } ], "notes": [ { "category": "description", "text": "A reflected cross-site scripting (XSS) vulnerability was found in the \u0027oob\u0027 OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be vulnerable. This may compromise user details, allowing it to be changed or collected by an attacker.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: reflected XSS attack", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-4137" }, { "category": "external", "summary": "RHBZ#2148496", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-4137", "url": "https://www.cve.org/CVERecord?id=CVE-2022-4137" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137" } ], "release_date": "2023-03-01T13:56:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "keycloak: reflected XSS attack" }, { "cve": "CVE-2022-24785", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2022-04-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2072009" } ], "notes": [ { "category": "description", "text": "A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "Moment.js: Path traversal in moment.locale", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-24785" }, { "category": "external", "summary": "RHBZ#2072009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24785", "url": "https://www.cve.org/CVERecord?id=CVE-2022-24785" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785" }, { "category": "external", "summary": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4", "url": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4" } ], "release_date": "2022-04-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" }, { "category": "workaround", "details": "Sanitize the user-provided locale name before passing it to Moment.js.", "product_ids": [ "Red Hat Single Sign-On 7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Moment.js: Path traversal in moment.locale" }, { "cve": "CVE-2022-25857", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-09-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2126789" } ], "notes": [ { "category": "description", "text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.", "title": "Vulnerability description" }, { "category": "summary", "text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections", "title": "Vulnerability summary" }, { "category": "other", "text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-25857" }, { "category": "external", "summary": "RHBZ#2126789", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857", "url": "https://www.cve.org/CVERecord?id=CVE-2022-25857" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857" }, { "category": "external", "summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525", "url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525" } ], "release_date": "2022-08-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections" }, { "cve": "CVE-2022-31129", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-07-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2105075" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "moment: inefficient parsing algorithm resulting in DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Fuse provides the affected software but does not use the functionality and as such its impact has been downgraded to Low.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships a vulnerable version of the moment library. However, this affected functionality is restricted behind OAuth, reducing the impact to Moderate.\n\nRed Hat Satellite ships a vulnerable version of the moment library. However, this only affects a specific component (qpid-dispatch), reducing the impact to Moderate.\n\nRed Hat Ceph Storage (RHCS) ships a vulnerable version of the moment library, however, it is not directly used and is a transitive dependency from Angular. In addition, the impact would only be to the grafana browser, and not the underlying RHCS system, which reduces the impact to Moderate. \n\nRed Hat OpenShift Service Mesh (OSSM) ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nRed Hat OpenShift distributed tracing ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nIn Logging Subsystem for Red Hat OpenShift the vulnerable moment nodejs package is bundled in the ose-logging-kibana6 container as a transitive dependency, hence the direct impact is reduced to Moderate.\n\nIn OpenShift Container Platform 4 the vulnerabile moment package is a third party dependency, hence the direct impact is reduced to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-31129" }, { "category": "external", "summary": "RHBZ#2105075", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-31129", "url": "https://www.cve.org/CVERecord?id=CVE-2022-31129" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129" }, { "category": "external", "summary": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g", "url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g" } ], "release_date": "2022-07-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "moment: inefficient parsing algorithm resulting in DoS" }, { "cve": "CVE-2022-37603", "cwe": { "id": "CWE-185", "name": "Incorrect Regular Expression" }, "discovery_date": "2022-11-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2140597" } ], "notes": [ { "category": "description", "text": "A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.", "title": "Vulnerability description" }, { "category": "summary", "text": "loader-utils: Regular expression denial of service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-37603" }, { "category": "external", "summary": "RHBZ#2140597", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-37603", "url": "https://www.cve.org/CVERecord?id=CVE-2022-37603" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603" } ], "release_date": "2022-10-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "loader-utils: Regular expression denial of service" }, { "cve": "CVE-2022-38749", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-09-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2129706" } ], "notes": [ { "category": "description", "text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-38749" }, { "category": "external", "summary": "RHBZ#2129706", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749", "url": "https://www.cve.org/CVERecord?id=CVE-2022-38749" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749" } ], "release_date": "2022-09-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode" }, { "cve": "CVE-2022-38750", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-09-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2129707" } ], "notes": [ { "category": "description", "text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-38750" }, { "category": "external", "summary": "RHBZ#2129707", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-38750", "url": "https://www.cve.org/CVERecord?id=CVE-2022-38750" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750" } ], "release_date": "2022-09-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject" }, { "cve": "CVE-2022-38751", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-09-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2129709" } ], "notes": [ { "category": "description", "text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-38751" }, { "category": "external", "summary": "RHBZ#2129709", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-38751", "url": "https://www.cve.org/CVERecord?id=CVE-2022-38751" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751" } ], "release_date": "2022-09-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match" }, { "cve": "CVE-2022-40149", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-10-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135771" } ], "notes": [ { "category": "description", "text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "jettison: parser crash by stackoverflow", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-40149" }, { "category": "external", "summary": "RHBZ#2135771", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149", "url": "https://www.cve.org/CVERecord?id=CVE-2022-40149" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149" }, { "category": "external", "summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1", "url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1" } ], "release_date": "2022-09-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jettison: parser crash by stackoverflow" }, { "cve": "CVE-2022-40150", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-10-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135770" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "jettison: memory exhaustion via user-supplied XML or JSON data", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-40150" }, { "category": "external", "summary": "RHBZ#2135770", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150", "url": "https://www.cve.org/CVERecord?id=CVE-2022-40150" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150" }, { "category": "external", "summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1", "url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1" } ], "release_date": "2022-09-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jettison: memory exhaustion via user-supplied XML or JSON data" }, { "cve": "CVE-2022-42003", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-10-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135244" } ], "notes": [ { "category": "description", "text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-42003" }, { "category": "external", "summary": "RHBZ#2135244", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42003" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003" } ], "release_date": "2022-10-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS" }, { "cve": "CVE-2022-42004", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-10-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135247" } ], "notes": [ { "category": "description", "text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: use of deeply nested arrays", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-42004" }, { "category": "external", "summary": "RHBZ#2135247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42004" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004" } ], "release_date": "2022-10-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: use of deeply nested arrays" }, { "cve": "CVE-2022-45047", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-11-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2145194" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.", "title": "Vulnerability description" }, { "category": "summary", "text": "mina-sshd: Java unsafe deserialization vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-45047" }, { "category": "external", "summary": "RHBZ#2145194", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047", "url": "https://www.cve.org/CVERecord?id=CVE-2022-45047" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047" }, { "category": "external", "summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html", "url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html" } ], "release_date": "2022-11-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" }, { "category": "workaround", "details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).", "product_ids": [ "Red Hat Single Sign-On 7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "mina-sshd: Java unsafe deserialization vulnerability" }, { "cve": "CVE-2022-45693", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-12-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2155970" } ], "notes": [ { "category": "description", "text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-45693" }, { "category": "external", "summary": "RHBZ#2155970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693", "url": "https://www.cve.org/CVERecord?id=CVE-2022-45693" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693" } ], "release_date": "2022-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos" }, { "cve": "CVE-2022-46175", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-12-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2156263" } ], "notes": [ { "category": "description", "text": "A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.", "title": "Vulnerability description" }, { "category": "summary", "text": "json5: Prototype Pollution in JSON5 via Parse Method", "title": "Vulnerability summary" }, { "category": "other", "text": "The json5 package is a build-time dependency in Red Hat products and is not used in production runtime. Hence, the impact is set to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-46175" }, { "category": "external", "summary": "RHBZ#2156263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-46175", "url": "https://www.cve.org/CVERecord?id=CVE-2022-46175" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175" }, { "category": "external", "summary": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h", "url": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h" } ], "release_date": "2022-12-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "json5: Prototype Pollution in JSON5 via Parse Method" }, { "cve": "CVE-2022-46363", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2022-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2155681" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.", "title": "Vulnerability description" }, { "category": "summary", "text": "CXF: directory listing / code exfiltration", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-46363" }, { "category": "external", "summary": "RHBZ#2155681", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-46363", "url": "https://www.cve.org/CVERecord?id=CVE-2022-46363" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363" }, { "category": "external", "summary": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c", "url": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c" } ], "release_date": "2022-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "CXF: directory listing / code exfiltration" }, { "cve": "CVE-2022-46364", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "discovery_date": "2022-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2155682" } ], "notes": [ { "category": "description", "text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.", "title": "Vulnerability description" }, { "category": "summary", "text": "CXF: SSRF Vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-46364" }, { "category": "external", "summary": "RHBZ#2155682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364", "url": "https://www.cve.org/CVERecord?id=CVE-2022-46364" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364" }, { "category": "external", "summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2", "url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2" } ], "release_date": "2022-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "CXF: SSRF Vulnerability" }, { "acknowledgments": [ { "names": [ "Sourav Kumar" ], "organization": "https://github.com/souravs17031999", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-0091", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2022-10-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2158585" } ], "notes": [ { "category": "description", "text": "A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: Client Registration endpoint does not check token revocation", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0091" }, { "category": "external", "summary": "RHBZ#2158585", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0091", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0091" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091" }, { "category": "external", "summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg", "url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg" }, { "category": "external", "summary": "https://github.com/keycloak/security/issues/27", "url": "https://github.com/keycloak/security/issues/27" } ], "release_date": "2022-10-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.8, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "keycloak: Client Registration endpoint does not check token revocation" }, { "acknowledgments": [ { "names": [ "Jordi Zayuelas i Mu\u00f1oz" ], "organization": "A1 Digital", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-0264", "cwe": { "id": "CWE-303", "name": "Incorrect Implementation of Authentication Algorithm" }, "discovery_date": "2023-01-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2160585" } ], "notes": [ { "category": "description", "text": "A flaw was found in Keycloak\u0027s OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, Integrity, and availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: user impersonation via stolen uuid code", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0264" }, { "category": "external", "summary": "RHBZ#2160585", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0264", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0264" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264" } ], "release_date": "2023-02-28T18:58:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:58:17+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Single Sign-On 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1049" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "keycloak: user impersonation via stolen uuid code" } ] }
rhsa-2020_5412
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for python-XStatic-jQuery224 is now available for Red Hat\nOpenStack Platform 16.1 (Train).\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "python-XStatic-jQuery is the jQuery javascript library packaged for Python\u0027s setuptools\n\nSecurity Fix(es):\n\n* Passing HTML containing \u003coption\u003e elements to manipulation methods could\nresult in untrusted code execution (CVE-2020-11023)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:5412", "url": "https://access.redhat.com/errata/RHSA-2020:5412" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5412.json" } ], "title": "Red Hat Security Advisory: python-XStatic-jQuery224 security update", "tracking": { "current_release_date": "2024-11-15T08:40:47+00:00", "generator": { "date": "2024-11-15T08:40:47+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:5412", "initial_release_date": "2020-12-15T19:02:05+00:00", "revision_history": [ { "date": "2020-12-15T19:02:05+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-12-15T19:02:05+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T08:40:47+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenStack Platform 16.1", "product": { "name": "Red Hat OpenStack Platform 16.1", "product_id": "8Base-RHOS-16.1", "product_identification_helper": { "cpe": "cpe:/a:redhat:openstack:16.1::el8" } } } ], "category": "product_family", "name": "Red Hat OpenStack Platform" }, { "branches": [ { "category": "product_version", "name": "python-XStatic-jQuery224-0:2.2.4.1-3.el8ost.src", "product": { "name": "python-XStatic-jQuery224-0:2.2.4.1-3.el8ost.src", "product_id": "python-XStatic-jQuery224-0:2.2.4.1-3.el8ost.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-XStatic-jQuery224@2.2.4.1-3.el8ost?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "python3-XStatic-jQuery224-0:2.2.4.1-3.el8ost.noarch", "product": { "name": "python3-XStatic-jQuery224-0:2.2.4.1-3.el8ost.noarch", "product_id": "python3-XStatic-jQuery224-0:2.2.4.1-3.el8ost.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-XStatic-jQuery224@2.2.4.1-3.el8ost?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "python-XStatic-jQuery224-0:2.2.4.1-3.el8ost.src as a component of Red Hat OpenStack Platform 16.1", "product_id": "8Base-RHOS-16.1:python-XStatic-jQuery224-0:2.2.4.1-3.el8ost.src" }, "product_reference": "python-XStatic-jQuery224-0:2.2.4.1-3.el8ost.src", "relates_to_product_reference": "8Base-RHOS-16.1" }, { "category": "default_component_of", "full_product_name": { "name": "python3-XStatic-jQuery224-0:2.2.4.1-3.el8ost.noarch as a component of Red Hat OpenStack Platform 16.1", "product_id": "8Base-RHOS-16.1:python3-XStatic-jQuery224-0:2.2.4.1-3.el8ost.noarch" }, "product_reference": "python3-XStatic-jQuery224-0:2.2.4.1-3.el8ost.noarch", "relates_to_product_reference": "8Base-RHOS-16.1" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-11023", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1850004" } ], "notes": [ { "category": "description", "text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOS-16.1:python-XStatic-jQuery224-0:2.2.4.1-3.el8ost.src", "8Base-RHOS-16.1:python3-XStatic-jQuery224-0:2.2.4.1-3.el8ost.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11023" }, { "category": "external", "summary": "RHBZ#1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023" }, { "category": "external", "summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/" } ], "release_date": "2020-04-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-12-15T19:02:05+00:00", "details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHOS-16.1:python-XStatic-jQuery224-0:2.2.4.1-3.el8ost.src", "8Base-RHOS-16.1:python3-XStatic-jQuery224-0:2.2.4.1-3.el8ost.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:5412" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOS-16.1:python-XStatic-jQuery224-0:2.2.4.1-3.el8ost.src", "8Base-RHOS-16.1:python3-XStatic-jQuery224-0:2.2.4.1-3.el8ost.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods" } ] }
rhsa-2023_0554
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of\nservice, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute\n(CVE-2018-14040)\n\n* jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM\nmanipulation methods (CVE-2020-11023)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method\n(CVE-2020-11022)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy\n(CVE-2018-14041)\n\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability\n(CVE-2022-45047)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of\nService attacks (CVE-2022-40152)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of\ntooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute\n(CVE-2019-8331)\n\n* nodejs-moment: Regular expression denial of service (CVE-2017-18214)\n\n* wildfly-elytron: possible timing attacks via use of unsafe comparator\n(CVE-2022-3143)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS\n(CVE-2022-42003)\n\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n\n* jettison: memory exhaustion via user-supplied XML or JSON data\n(CVE-2022-40150)\n\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:0554", "url": "https://access.redhat.com/errata/RHSA-2023:0554" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/" }, { "category": "external", "summary": "1399546", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546" }, { "category": "external", "summary": "1553413", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413" }, { "category": "external", "summary": "1601614", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614" }, { "category": "external", "summary": "1601616", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616" }, { "category": "external", "summary": "1601617", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617" }, { "category": "external", "summary": "1668097", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097" }, { "category": "external", "summary": "1686454", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454" }, { "category": "external", "summary": "1701972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" }, { "category": "external", "summary": "1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "2124682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682" }, { "category": "external", "summary": "2134291", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291" }, { "category": "external", "summary": "2135244", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244" }, { "category": "external", "summary": "2135247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247" }, { "category": "external", "summary": "2135770", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770" }, { "category": "external", "summary": "2135771", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771" }, { "category": "external", "summary": "2145194", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194" }, { "category": "external", "summary": "2155682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682" }, { "category": "external", "summary": "2155970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970" }, { "category": "external", "summary": "JBEAP-23864", "url": "https://issues.redhat.com/browse/JBEAP-23864" }, { "category": "external", "summary": "JBEAP-23865", "url": "https://issues.redhat.com/browse/JBEAP-23865" }, { "category": "external", "summary": "JBEAP-23866", "url": "https://issues.redhat.com/browse/JBEAP-23866" }, { "category": "external", "summary": "JBEAP-23928", "url": "https://issues.redhat.com/browse/JBEAP-23928" }, { "category": "external", "summary": "JBEAP-24055", "url": "https://issues.redhat.com/browse/JBEAP-24055" }, { "category": "external", "summary": "JBEAP-24081", "url": "https://issues.redhat.com/browse/JBEAP-24081" }, { "category": "external", "summary": "JBEAP-24095", "url": "https://issues.redhat.com/browse/JBEAP-24095" }, { "category": "external", "summary": "JBEAP-24100", "url": "https://issues.redhat.com/browse/JBEAP-24100" }, { "category": "external", "summary": "JBEAP-24127", "url": "https://issues.redhat.com/browse/JBEAP-24127" }, { "category": "external", "summary": "JBEAP-24128", "url": "https://issues.redhat.com/browse/JBEAP-24128" }, { "category": "external", "summary": "JBEAP-24132", "url": "https://issues.redhat.com/browse/JBEAP-24132" }, { "category": "external", "summary": "JBEAP-24147", "url": "https://issues.redhat.com/browse/JBEAP-24147" }, { "category": "external", "summary": "JBEAP-24167", "url": "https://issues.redhat.com/browse/JBEAP-24167" }, { "category": "external", "summary": "JBEAP-24191", "url": "https://issues.redhat.com/browse/JBEAP-24191" }, { "category": "external", "summary": "JBEAP-24195", "url": "https://issues.redhat.com/browse/JBEAP-24195" }, { "category": "external", "summary": "JBEAP-24207", "url": "https://issues.redhat.com/browse/JBEAP-24207" }, { "category": "external", "summary": "JBEAP-24248", "url": "https://issues.redhat.com/browse/JBEAP-24248" }, { "category": "external", "summary": "JBEAP-24426", "url": "https://issues.redhat.com/browse/JBEAP-24426" }, { "category": "external", "summary": "JBEAP-24427", "url": "https://issues.redhat.com/browse/JBEAP-24427" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0554.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update", "tracking": { "current_release_date": "2024-11-15T13:21:34+00:00", "generator": { "date": "2024-11-15T13:21:34+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2023:0554", "initial_release_date": "2023-01-31T13:15:23+00:00", "revision_history": [ { "date": "2023-01-31T13:15:23+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-01-31T13:15:23+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T13:21:34+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss EAP 7.4 for RHEL 9", "product": { "name": "Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "product": { "name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "product_id": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-elytron-web@1.9.3-1.Final_redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "product": { "name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src", "product": { "name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src", "product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "product": { "name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "product": { "name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "product": { "name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "product": { "name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "product_id": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.12.7-1.redhat_00003.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "product": { "name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "product": { "name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "product": { "name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "product": { "name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "product": { "name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src", "product": { "name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src", "product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "product": { "name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "product": { "name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "product": { "name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "product": { "name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "product": { "name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "product": { "name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "product": { "name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "product": { "name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "product": { "name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el9eap?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow-server@1.9.3-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product": { "name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product": { "name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product_id": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.12.7-1.redhat_00003.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product": { "name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product_id": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.12.7-1.redhat_00003.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product": { "name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "product": { "name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "product": { "name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "product_id": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-javaee-security-soteria-enterprise@1.0.1-3.redhat_00003.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product": { "name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product": { "name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product_id": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.12.7-1.redhat_00003.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product": { "name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product_id": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.12.7-1.redhat_00003.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product": { "name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product": { "name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product_id": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.12.7-1.redhat_00003.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product": { "name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "product": { "name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jgroups@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jms@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-search-engine@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-search-orm@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-search-serialization-avro@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.16-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "product": { "name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "product": { "name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "product_id": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-24.Final_redhat_00023.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "product": { "name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "product_id": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-24.Final_redhat_00023.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "product": { "name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "product": { "name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "product_id": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.9-4.GA_redhat_00003.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "product": { "name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "product_id": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.9-4.GA_redhat_00003.1.el9eap?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src" }, "product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src" }, "product_reference": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" }, "product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src" }, "product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src" }, "product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch" }, "product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src" }, "product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch" }, "product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src" }, "product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch" }, "product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src" }, "product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch" }, "product_reference": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch" }, "product_reference": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch" }, "product_reference": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch" }, "product_reference": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src" }, "product_reference": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch" }, "product_reference": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch" }, "product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src" }, "product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch" }, "product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src" }, "product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch" }, "product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src" }, "product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch" }, "product_reference": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src" }, "product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src" }, "product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src" }, "product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src" }, "product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch" }, "product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src" }, "product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch" }, "product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch" }, "product_reference": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch" }, "product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src" }, "product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src" }, "product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch" }, "product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src" }, "product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src" }, "product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch" }, "product_reference": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch" }, "product_reference": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" }, "product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" } ] }, "vulnerabilities": [ { "cve": "CVE-2015-9251", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2016-11-27T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1399546" } ], "notes": [ { "category": "description", "text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Cross-site scripting via cross-domain ajax requests", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ], "known_not_affected": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-9251" }, { "category": "external", "summary": "RHBZ#1399546", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251", "url": "https://www.cve.org/CVERecord?id=CVE-2015-9251" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251" } ], "release_date": "2015-06-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:23+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0554" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jquery: Cross-site scripting via cross-domain ajax requests" }, { "cve": "CVE-2016-10735", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-01-09T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1668097" } ], "notes": [ { "category": "description", "text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: XSS in the data-target attribute", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ], "known_not_affected": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-10735" }, { "category": "external", "summary": "RHBZ#1668097", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735", "url": "https://www.cve.org/CVERecord?id=CVE-2016-10735" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735" } ], "release_date": "2016-06-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:23+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0554" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "bootstrap: XSS in the data-target attribute" }, { "cve": "CVE-2017-18214", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2018-03-08T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1553413" } ], "notes": [ { "category": "description", "text": "The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-moment: Regular expression denial of service", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of momentjs as shipped with Red Hat Enterprise Satellite 5. Red Hat Product Security has rated this issue as having security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ], "known_not_affected": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-18214" }, { "category": "external", "summary": "RHBZ#1553413", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-18214", "url": "https://www.cve.org/CVERecord?id=CVE-2017-18214" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214" } ], "release_date": "2017-09-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:23+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0554" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs-moment: Regular expression denial of service" }, { "cve": "CVE-2018-14040", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2018-07-13T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1601614" } ], "notes": [ { "category": "description", "text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ], "known_not_affected": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-14040" }, { "category": "external", "summary": "RHBZ#1601614", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14040" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040" } ], "release_date": "2018-05-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:23+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0554" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute" }, { "cve": "CVE-2018-14041", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2018-07-13T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1601616" } ], "notes": [ { "category": "description", "text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ], "known_not_affected": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-14041" }, { "category": "external", "summary": "RHBZ#1601616", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-14041", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14041" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041" } ], "release_date": "2018-05-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:23+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0554" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy" }, { "cve": "CVE-2018-14042", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2018-07-13T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1601617" } ], "notes": [ { "category": "description", "text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ], "known_not_affected": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-14042" }, { "category": "external", "summary": "RHBZ#1601617", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14042" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042" } ], "release_date": "2018-05-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:23+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0554" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip" }, { "cve": "CVE-2019-8331", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-02-20T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1686454" } ], "notes": [ { "category": "description", "text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: XSS in the tooltip or popover data-template attribute", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ], "known_not_affected": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-8331" }, { "category": "external", "summary": "RHBZ#1686454", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331", "url": "https://www.cve.org/CVERecord?id=CVE-2019-8331" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331" } ], "release_date": "2019-02-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:23+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0554" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "bootstrap: XSS in the tooltip or popover data-template attribute" }, { "cve": "CVE-2019-11358", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-03-28T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1701972" } ], "notes": [ { "category": "description", "text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ], "known_not_affected": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-11358" }, { "category": "external", "summary": "RHBZ#1701972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11358" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358" }, { "category": "external", "summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", "url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/" }, { "category": "external", "summary": "https://www.drupal.org/sa-core-2019-006", "url": "https://www.drupal.org/sa-core-2019-006" } ], "release_date": "2019-03-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:23+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0554" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection" }, { "cve": "CVE-2020-11022", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-04-23T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1828406" } ], "notes": [ { "category": "description", "text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method", "title": "Vulnerability summary" }, { "category": "other", "text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ], "known_not_affected": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11022" }, { "category": "external", "summary": "RHBZ#1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11022" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2", "url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2" } ], "release_date": "2020-04-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:23+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0554" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method" }, { "cve": "CVE-2020-11023", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-23T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1850004" } ], "notes": [ { "category": "description", "text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ], "known_not_affected": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11023" }, { "category": "external", "summary": "RHBZ#1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023" }, { "category": "external", "summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/" } ], "release_date": "2020-04-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:23+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0554" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods" }, { "cve": "CVE-2022-3143", "cwe": { "id": "CWE-208", "name": "Observable Timing Discrepancy" }, "discovery_date": "2022-09-06T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2124682" } ], "notes": [ { "category": "description", "text": "A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user.", "title": "Vulnerability description" }, { "category": "summary", "text": "wildfly-elytron: possible timing attacks via use of unsafe comparator", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch" ], "known_not_affected": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-3143" }, { "category": "external", "summary": "RHBZ#2124682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3143", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3143" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143" } ], "release_date": "2022-09-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:23+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0554" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "wildfly-elytron: possible timing attacks via use of unsafe comparator" }, { "cve": "CVE-2022-40149", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-10-18T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135771" } ], "notes": [ { "category": "description", "text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "jettison: parser crash by stackoverflow", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src" ], "known_not_affected": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-40149" }, { "category": "external", "summary": "RHBZ#2135771", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149", "url": "https://www.cve.org/CVERecord?id=CVE-2022-40149" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149" }, { "category": "external", "summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1", "url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1" } ], "release_date": "2022-09-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:23+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0554" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jettison: parser crash by stackoverflow" }, { "cve": "CVE-2022-40150", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-10-18T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135770" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "jettison: memory exhaustion via user-supplied XML or JSON data", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src" ], "known_not_affected": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-40150" }, { "category": "external", "summary": "RHBZ#2135770", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150", "url": "https://www.cve.org/CVERecord?id=CVE-2022-40150" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150" }, { "category": "external", "summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1", "url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1" } ], "release_date": "2022-09-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:23+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0554" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jettison: memory exhaustion via user-supplied XML or JSON data" }, { "cve": "CVE-2022-40152", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-10-13T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2134291" } ], "notes": [ { "category": "description", "text": "A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.", "title": "Vulnerability description" }, { "category": "summary", "text": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ], "known_not_affected": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-40152" }, { "category": "external", "summary": "RHBZ#2134291", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-40152", "url": "https://www.cve.org/CVERecord?id=CVE-2022-40152" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4", "url": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4" } ], "release_date": "2022-09-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:23+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0554" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks" }, { "cve": "CVE-2022-42003", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-10-17T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135244" } ], "notes": [ { "category": "description", "text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src" ], "known_not_affected": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-42003" }, { "category": "external", "summary": "RHBZ#2135244", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42003" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003" } ], "release_date": "2022-10-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:23+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0554" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS" }, { "cve": "CVE-2022-42004", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-10-17T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135247" } ], "notes": [ { "category": "description", "text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: use of deeply nested arrays", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src" ], "known_not_affected": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-42004" }, { "category": "external", "summary": "RHBZ#2135247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42004" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004" } ], "release_date": "2022-10-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:23+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0554" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: use of deeply nested arrays" }, { "cve": "CVE-2022-45047", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-11-23T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2145194" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.", "title": "Vulnerability description" }, { "category": "summary", "text": "mina-sshd: Java unsafe deserialization vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src" ], "known_not_affected": [ "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-45047" }, { "category": "external", "summary": "RHBZ#2145194", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047", "url": "https://www.cve.org/CVERecord?id=CVE-2022-45047" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047" }, { "category": "external", "summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html", "url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html" } ], "release_date": "2022-11-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:23+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0554" }, { "category": "workaround", "details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).", "product_ids": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mina-sshd: Java unsafe deserialization vulnerability" }, { "cve": "CVE-2022-45693", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-12-23T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2155970" } ], "notes": [ { "category": "description", "text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src" ], "known_not_affected": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-45693" }, { "category": "external", "summary": "RHBZ#2155970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693", "url": "https://www.cve.org/CVERecord?id=CVE-2022-45693" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693" } ], "release_date": "2022-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:23+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0554" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos" }, { "cve": "CVE-2022-46364", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "discovery_date": "2022-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2155682" } ], "notes": [ { "category": "description", "text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.", "title": "Vulnerability description" }, { "category": "summary", "text": "CXF: SSRF Vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-46364" }, { "category": "external", "summary": "RHBZ#2155682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364", "url": "https://www.cve.org/CVERecord?id=CVE-2022-46364" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364" }, { "category": "external", "summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2", "url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2" } ], "release_date": "2022-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:23+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0554" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "CXF: SSRF Vulnerability" } ] }
rhsa-2021_1846
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for the idm:DL1 and idm:client modules is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. \n\nSecurity Fix(es):\n\n* jquery: Passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:1846", "url": "https://access.redhat.com/errata/RHSA-2021:1846" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/", "url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/" }, { "category": "external", "summary": "871208", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=871208" }, { "category": "external", "summary": "1340463", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1340463" }, { "category": "external", "summary": "1357495", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1357495" }, { "category": "external", "summary": "1484088", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1484088" }, { "category": "external", "summary": "1542737", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1542737" }, { "category": "external", "summary": "1544379", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1544379" }, { "category": "external", "summary": "1660877", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660877" }, { "category": "external", "summary": "1779981", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1779981" }, { "category": "external", "summary": "1780328", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1780328" }, { "category": "external", "summary": "1780510", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1780510" }, { "category": "external", "summary": "1780782", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1780782" }, { "category": "external", "summary": "1784657", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1784657" }, { "category": "external", "summary": "1809215", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1809215" }, { "category": "external", "summary": "1810148", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1810148" }, { "category": "external", "summary": "1812871", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1812871" }, { "category": "external", "summary": "1824193", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824193" }, { "category": "external", "summary": "1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "1851835", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851835" }, { "category": "external", "summary": "1857272", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857272" }, { "category": "external", "summary": "1860129", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860129" }, { "category": "external", "summary": "1866558", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866558" }, { "category": "external", "summary": "1872603", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1872603" }, { "category": "external", "summary": "1875001", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875001" }, { "category": "external", "summary": "1882340", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1882340" }, { "category": "external", "summary": "1891056", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891056" }, { "category": "external", "summary": "1891505", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891505" }, { "category": "external", "summary": "1891735", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891735" }, { "category": "external", "summary": "1891741", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891741" }, { "category": "external", "summary": "1891832", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891832" }, { "category": "external", "summary": "1891850", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891850" }, { "category": "external", "summary": "1894800", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894800" }, { "category": "external", "summary": "1901068", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901068" }, { "category": "external", "summary": "1902173", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902173" }, { "category": "external", "summary": "1902727", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902727" }, { "category": "external", "summary": "1903025", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1903025" }, { "category": "external", "summary": "1904484", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1904484" }, { "category": "external", "summary": "1904612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1904612" }, { "category": "external", "summary": "1905919", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905919" }, { "category": "external", "summary": "1909876", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1909876" }, { "category": "external", "summary": "1912845", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912845" }, { "category": "external", "summary": "1922955", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922955" }, { "category": "external", "summary": "1923900", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1923900" }, { "category": "external", "summary": "1924026", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1924026" }, { "category": "external", "summary": "1924501", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1924501" }, { "category": "external", "summary": "1924812", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1924812" }, { "category": "external", "summary": "1925410", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925410" }, { "category": "external", "summary": "1926699", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1926699" }, { "category": "external", "summary": "1926910", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1926910" }, { "category": "external", "summary": "1928900", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928900" }, { "category": "external", "summary": "1930426", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930426" }, { "category": "external", "summary": "1932289", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1932289" }, { "category": "external", "summary": "1939371", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939371" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_1846.json" } ], "title": "Red Hat Security Advisory: idm:DL1 and idm:client security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-11-15T08:43:08+00:00", "generator": { "date": "2024-11-15T08:43:08+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:1846", "initial_release_date": "2021-05-18T16:39:16+00:00", "revision_history": [ { "date": "2021-05-18T16:39:16+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-05-18T16:39:16+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T08:43:08+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product": { "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "idm:client:8040020210319141812:479738cf", "product": { "name": "idm:client:8040020210319141812:479738cf", "product_id": "idm:client:8040020210319141812:479738cf", "product_identification_helper": { "purl": "pkg:rpmmod/redhat/idm@client:8040020210319141812:479738cf" } } }, { "category": "product_version", "name": "ipa-client-common-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "product": { "name": "ipa-client-common-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "product_id": "ipa-client-common-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client-common@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=noarch" } } }, { "category": "product_version", "name": "ipa-common-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "product": { "name": "ipa-common-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "product_id": "ipa-common-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-common@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=noarch" } } }, { "category": "product_version", "name": "ipa-healthcheck-core-0:0.7-3.module+el8.4.0+9008+94c5103b.noarch", "product": { "name": "ipa-healthcheck-core-0:0.7-3.module+el8.4.0+9008+94c5103b.noarch", "product_id": "ipa-healthcheck-core-0:0.7-3.module+el8.4.0+9008+94c5103b.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-healthcheck-core@0.7-3.module%2Bel8.4.0%2B9008%2B94c5103b?arch=noarch" } } }, { "category": "product_version", "name": "ipa-python-compat-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "product": { "name": "ipa-python-compat-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "product_id": "ipa-python-compat-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-python-compat@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=noarch" } } }, { "category": "product_version", "name": "ipa-selinux-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "product": { "name": "ipa-selinux-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "product_id": "ipa-selinux-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-selinux@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=noarch" } } }, { "category": "product_version", "name": "python3-ipaclient-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "product": { "name": "python3-ipaclient-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "product_id": "python3-ipaclient-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-ipaclient@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=noarch" } } }, { "category": "product_version", "name": "python3-ipalib-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "product": { "name": "python3-ipalib-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "product_id": "python3-ipalib-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-ipalib@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=noarch" } } }, { "category": "product_version", "name": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch", "product": { "name": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch", "product_id": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-jwcrypto@0.5.0-1.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=noarch" } } }, { "category": "product_version", "name": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch", "product": { "name": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch", "product_id": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-pyusb@1.0.0-9.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=noarch" } } }, { "category": "product_version", "name": "python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch", "product": { "name": "python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch", "product_id": "python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-qrcode@5.1-12.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=noarch" } } }, { "category": "product_version", "name": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch", "product": { "name": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch", "product_id": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-qrcode-core@5.1-12.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=noarch" } } }, { "category": "product_version", "name": "python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch", "product": { "name": "python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch", "product_id": "python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-yubico@1.3.2-9.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=noarch" } } }, { "category": "product_version", "name": "idm:DL1:8040020210319141752:1f8cbe47", "product": { "name": "idm:DL1:8040020210319141752:1f8cbe47", "product_id": "idm:DL1:8040020210319141752:1f8cbe47", "product_identification_helper": { "purl": "pkg:rpmmod/redhat/idm@DL1:8040020210319141752:1f8cbe47" } } }, { "category": "product_version", "name": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch", "product": { "name": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch", "product_id": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/custodia@0.6.0-3.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch" } } }, { "category": "product_version", "name": "ipa-client-common-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product": { "name": "ipa-client-common-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product_id": "ipa-client-common-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client-common@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=noarch" } } }, { "category": "product_version", "name": "ipa-common-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product": { "name": "ipa-common-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product_id": "ipa-common-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-common@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=noarch" } } }, { "category": "product_version", "name": "ipa-healthcheck-0:0.7-3.module+el8.4.0+9007+5084bdd8.noarch", "product": { "name": "ipa-healthcheck-0:0.7-3.module+el8.4.0+9007+5084bdd8.noarch", "product_id": "ipa-healthcheck-0:0.7-3.module+el8.4.0+9007+5084bdd8.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-healthcheck@0.7-3.module%2Bel8.4.0%2B9007%2B5084bdd8?arch=noarch" } } }, { "category": "product_version", "name": "ipa-healthcheck-core-0:0.7-3.module+el8.4.0+9007+5084bdd8.noarch", "product": { "name": "ipa-healthcheck-core-0:0.7-3.module+el8.4.0+9007+5084bdd8.noarch", "product_id": "ipa-healthcheck-core-0:0.7-3.module+el8.4.0+9007+5084bdd8.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-healthcheck-core@0.7-3.module%2Bel8.4.0%2B9007%2B5084bdd8?arch=noarch" } } }, { "category": "product_version", "name": "ipa-python-compat-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product": { "name": "ipa-python-compat-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product_id": "ipa-python-compat-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-python-compat@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=noarch" } } }, { "category": "product_version", "name": "ipa-selinux-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product": { "name": "ipa-selinux-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product_id": "ipa-selinux-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-selinux@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=noarch" } } }, { "category": "product_version", "name": "ipa-server-common-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product": { "name": "ipa-server-common-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product_id": "ipa-server-common-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-server-common@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=noarch" } } }, { "category": "product_version", "name": "ipa-server-dns-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product": { "name": "ipa-server-dns-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product_id": "ipa-server-dns-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-server-dns@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=noarch" } } }, { "category": "product_version", "name": "python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch", "product": { "name": "python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch", "product_id": "python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-custodia@0.6.0-3.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch" } } }, { "category": "product_version", "name": "python3-ipaclient-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product": { "name": "python3-ipaclient-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product_id": "python3-ipaclient-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-ipaclient@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=noarch" } } }, { "category": "product_version", "name": "python3-ipalib-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product": { "name": "python3-ipalib-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product_id": "python3-ipalib-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-ipalib@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=noarch" } } }, { "category": "product_version", "name": "python3-ipaserver-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product": { "name": "python3-ipaserver-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product_id": "python3-ipaserver-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-ipaserver@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=noarch" } } }, { "category": "product_version", "name": "python3-ipatests-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product": { "name": "python3-ipatests-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product_id": "python3-ipatests-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-ipatests@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=noarch" } } }, { "category": "product_version", "name": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch", "product": { "name": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch", "product_id": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-jwcrypto@0.5.0-1.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch" } } }, { "category": "product_version", "name": "python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch", "product": { "name": "python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch", "product_id": "python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-kdcproxy@0.4-5.module%2Bel8.2.0%2B4691%2Ba05b2456?arch=noarch" } } }, { "category": "product_version", "name": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch", "product": { "name": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch", "product_id": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-pyusb@1.0.0-9.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch" } } }, { "category": "product_version", "name": "python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch", "product": { "name": "python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch", "product_id": "python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-qrcode@5.1-12.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch" } } }, { "category": "product_version", "name": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch", "product": { "name": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch", "product_id": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-qrcode-core@5.1-12.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch" } } }, { "category": "product_version", "name": "python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch", "product": { "name": "python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch", "product_id": "python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-yubico@1.3.2-9.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "ipa-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.src", "product": { "name": "ipa-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.src", "product_id": "ipa-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=src" } } }, { "category": "product_version", "name": "ipa-healthcheck-0:0.7-3.module+el8.4.0+9008+94c5103b.src", "product": { "name": "ipa-healthcheck-0:0.7-3.module+el8.4.0+9008+94c5103b.src", "product_id": "ipa-healthcheck-0:0.7-3.module+el8.4.0+9008+94c5103b.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-healthcheck@0.7-3.module%2Bel8.4.0%2B9008%2B94c5103b?arch=src" } } }, { "category": "product_version", "name": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src", "product": { "name": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src", "product_id": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-jwcrypto@0.5.0-1.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=src" } } }, { "category": "product_version", "name": "python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src", "product": { "name": "python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src", "product_id": "python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-qrcode@5.1-12.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=src" } } }, { "category": "product_version", "name": "python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src", "product": { "name": "python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src", "product_id": "python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-yubico@1.3.2-9.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=src" } } }, { "category": "product_version", "name": "pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src", "product": { "name": "pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src", "product_id": "pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/pyusb@1.0.0-9.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=src" } } }, { "category": "product_version", "name": "bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.src", "product": { "name": "bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.src", "product_id": "bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/bind-dyndb-ldap@11.6-2.module%2Bel8.4.0%2B9328%2B4ec4e316?arch=src" } } }, { "category": "product_version", "name": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src", "product": { "name": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src", "product_id": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/custodia@0.6.0-3.module%2Bel8.1.0%2B4098%2Bf286395e?arch=src" } } }, { "category": "product_version", "name": "ipa-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.src", "product": { "name": "ipa-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.src", "product_id": "ipa-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=src" } } }, { "category": "product_version", "name": "ipa-healthcheck-0:0.7-3.module+el8.4.0+9007+5084bdd8.src", "product": { "name": "ipa-healthcheck-0:0.7-3.module+el8.4.0+9007+5084bdd8.src", "product_id": "ipa-healthcheck-0:0.7-3.module+el8.4.0+9007+5084bdd8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-healthcheck@0.7-3.module%2Bel8.4.0%2B9007%2B5084bdd8?arch=src" } } }, { "category": "product_version", "name": "opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.src", "product": { "name": "opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.src", "product_id": "opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/opendnssec@2.1.7-1.module%2Bel8.4.0%2B9007%2B5084bdd8?arch=src" } } }, { "category": "product_version", "name": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src", "product": { "name": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src", "product_id": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-jwcrypto@0.5.0-1.module%2Bel8.1.0%2B4098%2Bf286395e?arch=src" } } }, { "category": "product_version", "name": "python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src", "product": { "name": "python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src", "product_id": "python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-kdcproxy@0.4-5.module%2Bel8.2.0%2B4691%2Ba05b2456?arch=src" } } }, { "category": "product_version", "name": "python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src", "product": { "name": "python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src", "product_id": "python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-qrcode@5.1-12.module%2Bel8.1.0%2B4098%2Bf286395e?arch=src" } } }, { "category": "product_version", "name": "python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src", "product": { "name": "python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src", "product_id": "python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-yubico@1.3.2-9.module%2Bel8.1.0%2B4098%2Bf286395e?arch=src" } } }, { "category": "product_version", "name": "pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src", "product": { "name": "pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src", "product_id": "pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/pyusb@1.0.0-9.module%2Bel8.1.0%2B4098%2Bf286395e?arch=src" } } }, { "category": "product_version", "name": "slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.src", "product": { "name": "slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.src", "product_id": "slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/slapi-nis@0.56.6-1.module%2Bel8.4.0%2B9005%2Bf55ff3e7?arch=src" } } }, { "category": "product_version", "name": "softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.src", "product": { "name": "softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.src", "product_id": "softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/softhsm@2.6.0-5.module%2Bel8.4.0%2B10227%2B076cd560?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "product": { "name": "ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "product_id": "ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=aarch64" } } }, { "category": "product_version", "name": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "product": { "name": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "product_id": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=aarch64" } } }, { "category": "product_version", "name": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "product": { "name": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "product_id": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client-epn@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=aarch64" } } }, { "category": "product_version", "name": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "product": { "name": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "product_id": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client-samba@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=aarch64" } } }, { "category": "product_version", "name": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "product": { "name": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "product_id": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-debuginfo@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=aarch64" } } }, { "category": "product_version", "name": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "product": { "name": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "product_id": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-debugsource@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=aarch64" } } }, { "category": "product_version", "name": "bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.aarch64", "product": { "name": "bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.aarch64", "product_id": "bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/bind-dyndb-ldap@11.6-2.module%2Bel8.4.0%2B9328%2B4ec4e316?arch=aarch64" } } }, { "category": "product_version", "name": "bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.aarch64", "product": { "name": "bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.aarch64", "product_id": "bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/bind-dyndb-ldap-debuginfo@11.6-2.module%2Bel8.4.0%2B9328%2B4ec4e316?arch=aarch64" } } }, { "category": "product_version", "name": "bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.aarch64", "product": { "name": "bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.aarch64", "product_id": "bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/bind-dyndb-ldap-debugsource@11.6-2.module%2Bel8.4.0%2B9328%2B4ec4e316?arch=aarch64" } } }, { "category": "product_version", "name": "ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product": { "name": "ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product_id": "ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=aarch64" } } }, { "category": "product_version", "name": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product": { "name": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product_id": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=aarch64" } } }, { "category": "product_version", "name": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product": { "name": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product_id": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client-epn@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=aarch64" } } }, { "category": "product_version", "name": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product": { "name": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product_id": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client-samba@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=aarch64" } } }, { "category": "product_version", "name": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product": { "name": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product_id": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-debuginfo@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=aarch64" } } }, { "category": "product_version", "name": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product": { "name": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product_id": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-debugsource@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=aarch64" } } }, { "category": "product_version", "name": "ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product": { "name": "ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product_id": "ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-server@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=aarch64" } } }, { "category": "product_version", "name": "ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product": { "name": "ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product_id": "ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-server-debuginfo@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=aarch64" } } }, { "category": "product_version", "name": "ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product": { "name": "ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product_id": "ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-server-trust-ad@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=aarch64" } } }, { "category": "product_version", "name": "ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product": { "name": "ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product_id": "ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-server-trust-ad-debuginfo@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=aarch64" } } }, { "category": "product_version", "name": "opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64", "product": { "name": "opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64", "product_id": "opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/opendnssec@2.1.7-1.module%2Bel8.4.0%2B9007%2B5084bdd8?arch=aarch64" } } }, { "category": "product_version", "name": "opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64", "product": { "name": "opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64", "product_id": "opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/opendnssec-debuginfo@2.1.7-1.module%2Bel8.4.0%2B9007%2B5084bdd8?arch=aarch64" } } }, { "category": "product_version", "name": "opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64", "product": { "name": "opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64", "product_id": "opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/opendnssec-debugsource@2.1.7-1.module%2Bel8.4.0%2B9007%2B5084bdd8?arch=aarch64" } } }, { "category": "product_version", "name": "slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64", "product": { "name": "slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64", "product_id": "slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/slapi-nis@0.56.6-1.module%2Bel8.4.0%2B9005%2Bf55ff3e7?arch=aarch64" } } }, { "category": "product_version", "name": "slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64", "product": { "name": "slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64", "product_id": "slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/slapi-nis-debuginfo@0.56.6-1.module%2Bel8.4.0%2B9005%2Bf55ff3e7?arch=aarch64" } } }, { "category": "product_version", "name": "slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64", "product": { "name": "slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64", "product_id": "slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/slapi-nis-debugsource@0.56.6-1.module%2Bel8.4.0%2B9005%2Bf55ff3e7?arch=aarch64" } } }, { "category": "product_version", "name": "softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64", "product": { "name": "softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64", "product_id": "softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/softhsm@2.6.0-5.module%2Bel8.4.0%2B10227%2B076cd560?arch=aarch64" } } }, { "category": "product_version", "name": "softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64", "product": { "name": "softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64", "product_id": "softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/softhsm-debuginfo@2.6.0-5.module%2Bel8.4.0%2B10227%2B076cd560?arch=aarch64" } } }, { "category": "product_version", "name": "softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64", "product": { "name": "softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64", "product_id": "softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/softhsm-debugsource@2.6.0-5.module%2Bel8.4.0%2B10227%2B076cd560?arch=aarch64" } } }, { "category": "product_version", "name": "softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64", "product": { "name": "softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64", "product_id": "softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/softhsm-devel@2.6.0-5.module%2Bel8.4.0%2B10227%2B076cd560?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "product": { "name": "ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "product_id": "ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=ppc64le" } } }, { "category": "product_version", "name": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "product": { "name": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "product_id": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=ppc64le" } } }, { "category": "product_version", "name": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "product": { "name": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "product_id": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client-epn@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=ppc64le" } } }, { "category": "product_version", "name": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "product": { "name": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "product_id": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client-samba@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=ppc64le" } } }, { "category": "product_version", "name": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "product": { "name": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "product_id": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-debuginfo@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=ppc64le" } } }, { "category": "product_version", "name": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "product": { "name": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "product_id": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-debugsource@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=ppc64le" } } }, { "category": "product_version", "name": "bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le", "product": { "name": "bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le", "product_id": "bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/bind-dyndb-ldap@11.6-2.module%2Bel8.4.0%2B9328%2B4ec4e316?arch=ppc64le" } } }, { "category": "product_version", "name": "bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le", "product": { "name": "bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le", "product_id": "bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/bind-dyndb-ldap-debuginfo@11.6-2.module%2Bel8.4.0%2B9328%2B4ec4e316?arch=ppc64le" } } }, { "category": "product_version", "name": "bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le", "product": { "name": "bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le", "product_id": "bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/bind-dyndb-ldap-debugsource@11.6-2.module%2Bel8.4.0%2B9328%2B4ec4e316?arch=ppc64le" } } }, { "category": "product_version", "name": "ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product": { "name": "ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product_id": "ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=ppc64le" } } }, { "category": "product_version", "name": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product": { "name": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product_id": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=ppc64le" } } }, { "category": "product_version", "name": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product": { "name": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product_id": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client-epn@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=ppc64le" } } }, { "category": "product_version", "name": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product": { "name": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product_id": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client-samba@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=ppc64le" } } }, { "category": "product_version", "name": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product": { "name": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product_id": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-debuginfo@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=ppc64le" } } }, { "category": "product_version", "name": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product": { "name": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product_id": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-debugsource@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=ppc64le" } } }, { "category": "product_version", "name": "ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product": { "name": "ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product_id": "ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-server@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=ppc64le" } } }, { "category": "product_version", "name": "ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product": { "name": "ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product_id": "ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-server-debuginfo@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=ppc64le" } } }, { "category": "product_version", "name": "ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product": { "name": "ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product_id": "ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-server-trust-ad@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=ppc64le" } } }, { "category": "product_version", "name": "ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product": { "name": "ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product_id": "ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-server-trust-ad-debuginfo@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=ppc64le" } } }, { "category": "product_version", "name": "opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le", "product": { "name": "opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le", "product_id": "opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/opendnssec@2.1.7-1.module%2Bel8.4.0%2B9007%2B5084bdd8?arch=ppc64le" } } }, { "category": "product_version", "name": "opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le", "product": { "name": "opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le", "product_id": "opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/opendnssec-debuginfo@2.1.7-1.module%2Bel8.4.0%2B9007%2B5084bdd8?arch=ppc64le" } } }, { "category": "product_version", "name": "opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le", "product": { "name": "opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le", "product_id": "opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/opendnssec-debugsource@2.1.7-1.module%2Bel8.4.0%2B9007%2B5084bdd8?arch=ppc64le" } } }, { "category": "product_version", "name": "slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le", "product": { "name": "slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le", "product_id": "slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/slapi-nis@0.56.6-1.module%2Bel8.4.0%2B9005%2Bf55ff3e7?arch=ppc64le" } } }, { "category": "product_version", "name": "slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le", "product": { "name": "slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le", "product_id": "slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/slapi-nis-debuginfo@0.56.6-1.module%2Bel8.4.0%2B9005%2Bf55ff3e7?arch=ppc64le" } } }, { "category": "product_version", "name": "slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le", "product": { "name": "slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le", "product_id": "slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/slapi-nis-debugsource@0.56.6-1.module%2Bel8.4.0%2B9005%2Bf55ff3e7?arch=ppc64le" } } }, { "category": "product_version", "name": "softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le", "product": { "name": "softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le", "product_id": "softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/softhsm@2.6.0-5.module%2Bel8.4.0%2B10227%2B076cd560?arch=ppc64le" } } }, { "category": "product_version", "name": "softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le", "product": { "name": "softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le", "product_id": "softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/softhsm-debuginfo@2.6.0-5.module%2Bel8.4.0%2B10227%2B076cd560?arch=ppc64le" } } }, { "category": "product_version", "name": "softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le", "product": { "name": "softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le", "product_id": "softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/softhsm-debugsource@2.6.0-5.module%2Bel8.4.0%2B10227%2B076cd560?arch=ppc64le" } } }, { "category": "product_version", "name": "softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le", "product": { "name": "softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le", "product_id": "softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/softhsm-devel@2.6.0-5.module%2Bel8.4.0%2B10227%2B076cd560?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "product": { "name": "ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "product_id": "ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=s390x" } } }, { "category": "product_version", "name": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "product": { "name": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "product_id": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=s390x" } } }, { "category": "product_version", "name": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "product": { "name": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "product_id": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client-epn@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=s390x" } } }, { "category": "product_version", "name": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "product": { "name": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "product_id": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client-samba@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=s390x" } } }, { "category": "product_version", "name": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "product": { "name": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "product_id": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-debuginfo@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=s390x" } } }, { "category": "product_version", "name": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "product": { "name": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "product_id": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-debugsource@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=s390x" } } }, { "category": "product_version", "name": "bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.s390x", "product": { "name": "bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.s390x", "product_id": "bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/bind-dyndb-ldap@11.6-2.module%2Bel8.4.0%2B9328%2B4ec4e316?arch=s390x" } } }, { "category": "product_version", "name": "bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.s390x", "product": { "name": "bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.s390x", "product_id": "bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/bind-dyndb-ldap-debuginfo@11.6-2.module%2Bel8.4.0%2B9328%2B4ec4e316?arch=s390x" } } }, { "category": "product_version", "name": "bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.s390x", "product": { "name": "bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.s390x", "product_id": "bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/bind-dyndb-ldap-debugsource@11.6-2.module%2Bel8.4.0%2B9328%2B4ec4e316?arch=s390x" } } }, { "category": "product_version", "name": "ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product": { "name": "ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product_id": "ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=s390x" } } }, { "category": "product_version", "name": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product": { "name": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product_id": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=s390x" } } }, { "category": "product_version", "name": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product": { "name": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product_id": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client-epn@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=s390x" } } }, { "category": "product_version", "name": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product": { "name": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product_id": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client-samba@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=s390x" } } }, { "category": "product_version", "name": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product": { "name": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product_id": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-debuginfo@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=s390x" } } }, { "category": "product_version", "name": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product": { "name": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product_id": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-debugsource@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=s390x" } } }, { "category": "product_version", "name": "ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product": { "name": "ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product_id": "ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-server@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=s390x" } } }, { "category": "product_version", "name": "ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product": { "name": "ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product_id": "ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-server-debuginfo@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=s390x" } } }, { "category": "product_version", "name": "ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product": { "name": "ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product_id": "ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-server-trust-ad@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=s390x" } } }, { "category": "product_version", "name": "ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product": { "name": "ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product_id": "ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-server-trust-ad-debuginfo@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=s390x" } } }, { "category": "product_version", "name": "opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x", "product": { "name": "opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x", "product_id": "opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/opendnssec@2.1.7-1.module%2Bel8.4.0%2B9007%2B5084bdd8?arch=s390x" } } }, { "category": "product_version", "name": "opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x", "product": { "name": "opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x", "product_id": "opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/opendnssec-debuginfo@2.1.7-1.module%2Bel8.4.0%2B9007%2B5084bdd8?arch=s390x" } } }, { "category": "product_version", "name": "opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x", "product": { "name": "opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x", "product_id": "opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/opendnssec-debugsource@2.1.7-1.module%2Bel8.4.0%2B9007%2B5084bdd8?arch=s390x" } } }, { "category": "product_version", "name": "slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x", "product": { "name": "slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x", "product_id": "slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/slapi-nis@0.56.6-1.module%2Bel8.4.0%2B9005%2Bf55ff3e7?arch=s390x" } } }, { "category": "product_version", "name": "slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x", "product": { "name": "slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x", "product_id": "slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/slapi-nis-debuginfo@0.56.6-1.module%2Bel8.4.0%2B9005%2Bf55ff3e7?arch=s390x" } } }, { "category": "product_version", "name": "slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x", "product": { "name": "slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x", "product_id": "slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/slapi-nis-debugsource@0.56.6-1.module%2Bel8.4.0%2B9005%2Bf55ff3e7?arch=s390x" } } }, { "category": "product_version", "name": "softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x", "product": { "name": "softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x", "product_id": "softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/softhsm@2.6.0-5.module%2Bel8.4.0%2B10227%2B076cd560?arch=s390x" } } }, { "category": "product_version", "name": "softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x", "product": { "name": "softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x", "product_id": "softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/softhsm-debuginfo@2.6.0-5.module%2Bel8.4.0%2B10227%2B076cd560?arch=s390x" } } }, { "category": "product_version", "name": "softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x", "product": { "name": "softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x", "product_id": "softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/softhsm-debugsource@2.6.0-5.module%2Bel8.4.0%2B10227%2B076cd560?arch=s390x" } } }, { "category": "product_version", "name": "softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x", "product": { "name": "softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x", "product_id": "softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/softhsm-devel@2.6.0-5.module%2Bel8.4.0%2B10227%2B076cd560?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "product": { "name": "ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "product_id": "ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=x86_64" } } }, { "category": "product_version", "name": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "product": { "name": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "product_id": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=x86_64" } } }, { "category": "product_version", "name": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "product": { "name": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "product_id": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client-epn@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=x86_64" } } }, { "category": "product_version", "name": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "product": { "name": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "product_id": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client-samba@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=x86_64" } } }, { "category": "product_version", "name": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "product": { "name": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "product_id": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-debuginfo@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=x86_64" } } }, { "category": "product_version", "name": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "product": { "name": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "product_id": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-debugsource@4.9.2-3.module%2Bel8.4.0%2B10413%2Ba92f1bfa?arch=x86_64" } } }, { "category": "product_version", "name": "bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.x86_64", "product": { "name": "bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.x86_64", "product_id": "bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/bind-dyndb-ldap@11.6-2.module%2Bel8.4.0%2B9328%2B4ec4e316?arch=x86_64" } } }, { "category": "product_version", "name": "bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.x86_64", "product": { "name": "bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.x86_64", "product_id": "bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/bind-dyndb-ldap-debuginfo@11.6-2.module%2Bel8.4.0%2B9328%2B4ec4e316?arch=x86_64" } } }, { "category": "product_version", "name": "bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.x86_64", "product": { "name": "bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.x86_64", "product_id": "bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/bind-dyndb-ldap-debugsource@11.6-2.module%2Bel8.4.0%2B9328%2B4ec4e316?arch=x86_64" } } }, { "category": "product_version", "name": "ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product": { "name": "ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product_id": "ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=x86_64" } } }, { "category": "product_version", "name": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product": { "name": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product_id": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=x86_64" } } }, { "category": "product_version", "name": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product": { "name": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product_id": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client-epn@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=x86_64" } } }, { "category": "product_version", "name": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product": { "name": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product_id": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client-samba@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=x86_64" } } }, { "category": "product_version", "name": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product": { "name": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product_id": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-debuginfo@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=x86_64" } } }, { "category": "product_version", "name": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product": { "name": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product_id": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-debugsource@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=x86_64" } } }, { "category": "product_version", "name": "ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product": { "name": "ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product_id": "ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-server@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=x86_64" } } }, { "category": "product_version", "name": "ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product": { "name": "ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product_id": "ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-server-debuginfo@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=x86_64" } } }, { "category": "product_version", "name": "ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product": { "name": "ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product_id": "ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-server-trust-ad@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=x86_64" } } }, { "category": "product_version", "name": "ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product": { "name": "ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product_id": "ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-server-trust-ad-debuginfo@4.9.2-3.module%2Bel8.4.0%2B10412%2B5ecb5b37?arch=x86_64" } } }, { "category": "product_version", "name": "opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64", "product": { "name": "opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64", "product_id": "opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/opendnssec@2.1.7-1.module%2Bel8.4.0%2B9007%2B5084bdd8?arch=x86_64" } } }, { "category": "product_version", "name": "opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64", "product": { "name": "opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64", "product_id": "opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/opendnssec-debuginfo@2.1.7-1.module%2Bel8.4.0%2B9007%2B5084bdd8?arch=x86_64" } } }, { "category": "product_version", "name": "opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64", "product": { "name": "opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64", "product_id": "opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/opendnssec-debugsource@2.1.7-1.module%2Bel8.4.0%2B9007%2B5084bdd8?arch=x86_64" } } }, { "category": "product_version", "name": "slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64", "product": { "name": "slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64", "product_id": "slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/slapi-nis@0.56.6-1.module%2Bel8.4.0%2B9005%2Bf55ff3e7?arch=x86_64" } } }, { "category": "product_version", "name": "slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64", "product": { "name": "slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64", "product_id": "slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/slapi-nis-debuginfo@0.56.6-1.module%2Bel8.4.0%2B9005%2Bf55ff3e7?arch=x86_64" } } }, { "category": "product_version", "name": "slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64", "product": { "name": "slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64", "product_id": "slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/slapi-nis-debugsource@0.56.6-1.module%2Bel8.4.0%2B9005%2Bf55ff3e7?arch=x86_64" } } }, { "category": "product_version", "name": "softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "product": { "name": "softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "product_id": "softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/softhsm@2.6.0-5.module%2Bel8.4.0%2B10227%2B076cd560?arch=x86_64" } } }, { "category": "product_version", "name": "softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "product": { "name": "softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "product_id": "softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/softhsm-debuginfo@2.6.0-5.module%2Bel8.4.0%2B10227%2B076cd560?arch=x86_64" } } }, { "category": "product_version", "name": "softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "product": { "name": "softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "product_id": "softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/softhsm-debugsource@2.6.0-5.module%2Bel8.4.0%2B10227%2B076cd560?arch=x86_64" } } }, { "category": "product_version", "name": "softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "product": { "name": "softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "product_id": "softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/softhsm-devel@2.6.0-5.module%2Bel8.4.0%2B10227%2B076cd560?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, "product_reference": "idm:DL1:8040020210319141752:1f8cbe47", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.aarch64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.aarch64" }, "product_reference": "bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le" }, "product_reference": "bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.s390x as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.s390x" }, "product_reference": "bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.src as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.src" }, "product_reference": "bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.src", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.x86_64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.x86_64" }, "product_reference": "bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.aarch64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.aarch64" }, "product_reference": "bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le" }, "product_reference": "bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.s390x as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.s390x" }, "product_reference": "bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.x86_64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.x86_64" }, "product_reference": "bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.aarch64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.aarch64" }, "product_reference": "bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le" }, "product_reference": "bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.s390x as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.s390x" }, "product_reference": "bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.x86_64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.x86_64" }, "product_reference": "bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch" }, "product_reference": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src" }, "product_reference": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.src as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.src" }, "product_reference": "ipa-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.src", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64" }, "product_reference": "ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le" }, "product_reference": "ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x" }, "product_reference": "ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64" }, "product_reference": "ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-common-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-common-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch" }, "product_reference": "ipa-client-common-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64" }, "product_reference": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le" }, "product_reference": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x" }, "product_reference": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64" }, "product_reference": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64" }, "product_reference": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le" }, "product_reference": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x" }, "product_reference": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64" }, "product_reference": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64" }, "product_reference": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le" }, "product_reference": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x" }, "product_reference": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64" }, "product_reference": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-common-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-common-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch" }, "product_reference": "ipa-common-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64" }, "product_reference": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le" }, "product_reference": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x" }, "product_reference": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64" }, "product_reference": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64" }, "product_reference": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le" }, "product_reference": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x" }, "product_reference": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64" }, "product_reference": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-healthcheck-0:0.7-3.module+el8.4.0+9007+5084bdd8.noarch as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-healthcheck-0:0.7-3.module+el8.4.0+9007+5084bdd8.noarch" }, "product_reference": "ipa-healthcheck-0:0.7-3.module+el8.4.0+9007+5084bdd8.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-healthcheck-0:0.7-3.module+el8.4.0+9007+5084bdd8.src as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-healthcheck-0:0.7-3.module+el8.4.0+9007+5084bdd8.src" }, "product_reference": "ipa-healthcheck-0:0.7-3.module+el8.4.0+9007+5084bdd8.src", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-healthcheck-core-0:0.7-3.module+el8.4.0+9007+5084bdd8.noarch as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-healthcheck-core-0:0.7-3.module+el8.4.0+9007+5084bdd8.noarch" }, "product_reference": "ipa-healthcheck-core-0:0.7-3.module+el8.4.0+9007+5084bdd8.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-python-compat-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-python-compat-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch" }, "product_reference": "ipa-python-compat-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-selinux-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-selinux-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch" }, "product_reference": "ipa-selinux-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64" }, "product_reference": "ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le" }, "product_reference": "ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x" }, "product_reference": "ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64" }, "product_reference": "ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-common-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-common-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch" }, "product_reference": "ipa-server-common-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64" }, "product_reference": "ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le" }, "product_reference": "ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x" }, "product_reference": "ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64" }, "product_reference": "ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-dns-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-dns-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch" }, "product_reference": "ipa-server-dns-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64" }, "product_reference": "ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le" }, "product_reference": "ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x" }, "product_reference": "ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64" }, "product_reference": "ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64" }, "product_reference": "ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le" }, "product_reference": "ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x" }, "product_reference": "ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64" }, "product_reference": "ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64" }, "product_reference": "opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le" }, "product_reference": "opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x" }, "product_reference": "opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.src as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.src" }, "product_reference": "opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.src", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64" }, "product_reference": "opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64" }, "product_reference": "opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le" }, "product_reference": "opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x" }, "product_reference": "opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64" }, "product_reference": "opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64" }, "product_reference": "opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le" }, "product_reference": "opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x" }, "product_reference": "opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64" }, "product_reference": "opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src" }, "product_reference": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src" }, "product_reference": "python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src" }, "product_reference": "python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src" }, "product_reference": "python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch" }, "product_reference": "python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "python3-ipaclient-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-ipaclient-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch" }, "product_reference": "python3-ipaclient-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "python3-ipalib-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-ipalib-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch" }, "product_reference": "python3-ipalib-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "python3-ipaserver-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-ipaserver-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch" }, "product_reference": "python3-ipaserver-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "python3-ipatests-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-ipatests-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch" }, "product_reference": "python3-ipatests-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch" }, "product_reference": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch" }, "product_reference": "python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch" }, "product_reference": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch" }, "product_reference": "python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch" }, "product_reference": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch" }, "product_reference": "python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src" }, "product_reference": "pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64" }, "product_reference": "slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le" }, "product_reference": "slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x" }, "product_reference": "slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.src as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.src" }, "product_reference": "slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.src", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64" }, "product_reference": "slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64" }, "product_reference": "slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le" }, "product_reference": "slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x" }, "product_reference": "slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64" }, "product_reference": "slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64" }, "product_reference": "slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le" }, "product_reference": "slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x" }, "product_reference": "slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64" }, "product_reference": "slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64" }, "product_reference": "softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le" }, "product_reference": "softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x" }, "product_reference": "softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.src as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.src" }, "product_reference": "softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.src", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64" }, "product_reference": "softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64" }, "product_reference": "softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le" }, "product_reference": "softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x" }, "product_reference": "softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64" }, "product_reference": "softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64" }, "product_reference": "softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le" }, "product_reference": "softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x" }, "product_reference": "softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64" }, "product_reference": "softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64" }, "product_reference": "softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le" }, "product_reference": "softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x" }, "product_reference": "softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64 as a component of idm:DL1:8040020210319141752:1f8cbe47 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64" }, "product_reference": "softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47" }, { "category": "default_component_of", "full_product_name": { "name": "idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, "product_reference": "idm:client:8040020210319141812:479738cf", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.src as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.src" }, "product_reference": "ipa-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.src", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64 as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64" }, "product_reference": "ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le" }, "product_reference": "ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x" }, "product_reference": "ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64 as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64" }, "product_reference": "ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-common-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-common-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch" }, "product_reference": "ipa-client-common-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64 as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64" }, "product_reference": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le" }, "product_reference": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x" }, "product_reference": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64 as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64" }, "product_reference": "ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64 as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64" }, "product_reference": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le" }, "product_reference": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x" }, "product_reference": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64 as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64" }, "product_reference": "ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64 as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64" }, "product_reference": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le" }, "product_reference": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x" }, "product_reference": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64 as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64" }, "product_reference": "ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-common-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-common-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch" }, "product_reference": "ipa-common-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64 as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64" }, "product_reference": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le" }, "product_reference": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x" }, "product_reference": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64 as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64" }, "product_reference": "ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64 as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64" }, "product_reference": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le" }, "product_reference": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x" }, "product_reference": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64 as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64" }, "product_reference": "ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-healthcheck-0:0.7-3.module+el8.4.0+9008+94c5103b.src as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-healthcheck-0:0.7-3.module+el8.4.0+9008+94c5103b.src" }, "product_reference": "ipa-healthcheck-0:0.7-3.module+el8.4.0+9008+94c5103b.src", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-healthcheck-core-0:0.7-3.module+el8.4.0+9008+94c5103b.noarch as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-healthcheck-core-0:0.7-3.module+el8.4.0+9008+94c5103b.noarch" }, "product_reference": "ipa-healthcheck-core-0:0.7-3.module+el8.4.0+9008+94c5103b.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-python-compat-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-python-compat-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch" }, "product_reference": "ipa-python-compat-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-selinux-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-selinux-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch" }, "product_reference": "ipa-selinux-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src" }, "product_reference": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src" }, "product_reference": "python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src" }, "product_reference": "python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "python3-ipaclient-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python3-ipaclient-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch" }, "product_reference": "python3-ipaclient-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "python3-ipalib-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python3-ipalib-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch" }, "product_reference": "python3-ipalib-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch" }, "product_reference": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch" }, "product_reference": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch" }, "product_reference": "python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch" }, "product_reference": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch" }, "product_reference": "python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" }, { "category": "default_component_of", "full_product_name": { "name": "pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src as a component of idm:client:8040020210319141812:479738cf as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src" }, "product_reference": "pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src", "relates_to_product_reference": "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-11023", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1850004" } ], "notes": [ { "category": "description", "text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-common-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-common-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-healthcheck-0:0.7-3.module+el8.4.0+9007+5084bdd8.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-healthcheck-0:0.7-3.module+el8.4.0+9007+5084bdd8.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-healthcheck-core-0:0.7-3.module+el8.4.0+9007+5084bdd8.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-python-compat-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-selinux-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-common-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-dns-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-ipaclient-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-ipalib-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-ipaserver-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-ipatests-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.src", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-common-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-common-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-healthcheck-0:0.7-3.module+el8.4.0+9008+94c5103b.src", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-healthcheck-core-0:0.7-3.module+el8.4.0+9008+94c5103b.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-python-compat-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-selinux-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python3-ipaclient-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python3-ipalib-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11023" }, { "category": "external", "summary": "RHBZ#1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023" }, { "category": "external", "summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/" } ], "release_date": "2020-04-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-05-18T16:39:16+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-common-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-common-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-healthcheck-0:0.7-3.module+el8.4.0+9007+5084bdd8.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-healthcheck-0:0.7-3.module+el8.4.0+9007+5084bdd8.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-healthcheck-core-0:0.7-3.module+el8.4.0+9007+5084bdd8.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-python-compat-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-selinux-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-common-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-dns-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-ipaclient-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-ipalib-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-ipaserver-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-ipatests-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.src", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-common-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-common-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-healthcheck-0:0.7-3.module+el8.4.0+9008+94c5103b.src", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-healthcheck-core-0:0.7-3.module+el8.4.0+9008+94c5103b.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-python-compat-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-selinux-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python3-ipaclient-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python3-ipalib-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:1846" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-0:11.6-2.module+el8.4.0+9328+4ec4e316.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debuginfo-0:11.6-2.module+el8.4.0+9328+4ec4e316.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:bind-dyndb-ldap-debugsource-0:11.6-2.module+el8.4.0+9328+4ec4e316.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-common-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-common-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-healthcheck-0:0.7-3.module+el8.4.0+9007+5084bdd8.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-healthcheck-0:0.7-3.module+el8.4.0+9007+5084bdd8.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-healthcheck-core-0:0.7-3.module+el8.4.0+9007+5084bdd8.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-python-compat-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-selinux-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-common-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-dns-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:ipa-server-trust-ad-debuginfo-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debuginfo-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:opendnssec-debugsource-0:2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-ipaclient-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-ipalib-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-ipaserver-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-ipatests-0:4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debuginfo-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:slapi-nis-debugsource-0:0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.src", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debuginfo-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-debugsource-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.aarch64", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.s390x", "AppStream-8.4.0.GA:idm:DL1:8040020210319141752:1f8cbe47:softhsm-devel-0:2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.src", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-common-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-epn-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-client-samba-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-common-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debuginfo-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-debugsource-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-healthcheck-0:0.7-3.module+el8.4.0+9008+94c5103b.src", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-healthcheck-core-0:0.7-3.module+el8.4.0+9008+94c5103b.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-python-compat-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:ipa-selinux-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python3-ipaclient-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python3-ipalib-0:4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch", "AppStream-8.4.0.GA:idm:client:8040020210319141812:479738cf:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods" } ] }
rhsa-2020_3807
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat Virtualization Engine 4.4.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The org.ovirt.engine-root is a core component of oVirt.\n\nThe following packages have been upgraded to a later upstream version: ansible-runner-service (1.0.5), org.ovirt.engine-root (4.4.2.3), ovirt-engine-dwh (4.4.2.1), ovirt-engine-extension-aaa-ldap (1.4.1), ovirt-engine-ui-extensions (1.2.3), ovirt-log-collector (4.4.3), ovirt-web-ui (1.6.4), rhvm-branding-rhv (4.4.5), rhvm-dependencies (4.4.1), vdsm-jsonrpc-java (1.5.5). (BZ#1674420, BZ#1866734)\n\nA list of bugs fixed in this update is available in the Technical Notes\nbook:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes\n\nSecurity Fix(es):\n\n* nodejs-lodash: prototype pollution in zipObjectDeep function (CVE-2020-8203)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* jQuery: passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\n* ovirt-engine: Reflected cross site scripting vulnerability (CVE-2020-14333)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Cannot assign direct LUN from FC storage - grayed out (BZ#1625499)\n\n* VM portal always asks how to open console.vv even it has been set to default application. (BZ#1638217)\n\n* RESTAPI Not able to remove the QoS from a disk profile (BZ#1643520)\n\n* On OVA import, qemu-img fails to write to NFS storage domain (BZ#1748879)\n\n* Possible missing block path for a SCSI host device needs to be handled in the UI (BZ#1801206)\n\n* Scheduling Memory calculation disregards huge-pages (BZ#1804037)\n\n* Engine does not reduce scheduling memory when a VM with dynamic hugepages runs. (BZ#1804046)\n\n* In Admin Portal, \"Huge Pages (size: amount)\" needs to be clarified (BZ#1806339)\n\n* Refresh LUN is using host from different Data Center to scan the LUN (BZ#1838051)\n\n* Unable to create Windows VM\u0027s with Mozilla Firefox version 74.0.1 and greater for RHV-M GUI/Webadmin portal (BZ#1843234)\n\n* [RHV-CNV] - NPE when creating new VM in cnv cluster (BZ#1854488)\n\n* [CNV\u0026RHV] Add-Disk operation failed to complete. (BZ#1855377)\n\n* Cannot create KubeVirt VM as a normal user (BZ#1859460)\n\n* Welcome page - remove Metrics Store links and update \"Insights Guide\" link (BZ#1866466)\n\n* [RHV 4.4] Change in CPU model name after RHVH upgrade (BZ#1869209)\n\n* VM vm-name is down with error. Exit message: unsupported configuration: Can\u0027t add USB input device. USB bus is disabled. (BZ#1871235)\n\n* spec_ctrl host feature not detected (BZ#1875609)\n\nEnhancement(s):\n\n* [RFE] API for changed blocks/sectors for a disk for incremental backup usage (BZ#1139877)\n\n* [RFE] Improve workflow for storage migration of VMs with multiple disks (BZ#1749803)\n\n* [RFE] Move the Remove VM button to the drop down menu when viewing details such as snapshots (BZ#1763812)\n\n* [RFE] enhance search filter for Storage Domains with free argument (BZ#1819260)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:3807", "url": "https://access.redhat.com/errata/RHSA-2020:3807" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1625499", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1625499" }, { "category": "external", "summary": "1638217", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1638217" }, { "category": "external", "summary": "1643520", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1643520" }, { "category": "external", "summary": "1674420", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1674420" }, { "category": "external", "summary": "1748879", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1748879" }, { "category": "external", "summary": "1749803", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749803" }, { "category": "external", "summary": "1758024", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758024" }, { "category": "external", "summary": "1763812", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1763812" }, { "category": "external", "summary": "1778471", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1778471" }, { "category": "external", "summary": "1787854", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1787854" }, { "category": "external", "summary": "1801206", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801206" }, { "category": "external", "summary": "1803856", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1803856" }, { "category": "external", "summary": "1804037", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1804037" }, { "category": "external", "summary": "1804046", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1804046" }, { "category": "external", "summary": "1806339", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806339" }, { "category": "external", "summary": "1816951", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816951" }, { "category": "external", "summary": "1819260", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819260" }, { "category": "external", "summary": "1826255", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1826255" }, { "category": "external", "summary": "1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "1831949", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831949" }, { "category": "external", "summary": "1831952", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831952" }, { "category": "external", "summary": "1831954", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831954" }, { "category": "external", "summary": "1831956", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831956" }, { "category": "external", "summary": "1838051", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1838051" }, { "category": "external", "summary": "1841112", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1841112" }, { "category": "external", "summary": "1843234", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843234" }, { "category": "external", "summary": "1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "1854488", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854488" }, { "category": "external", "summary": "1855377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1855377" }, { "category": "external", "summary": "1857412", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857412" }, { "category": "external", "summary": "1858184", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1858184" }, { "category": "external", "summary": "1859460", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1859460" }, { "category": "external", "summary": "1860907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860907" }, { "category": "external", "summary": "1866466", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866466" }, { "category": "external", "summary": "1866734", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866734" }, { "category": "external", "summary": "1869209", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869209" }, { "category": "external", "summary": "1869302", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869302" }, { "category": "external", "summary": "1871235", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1871235" }, { "category": "external", "summary": "1875609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875609" }, { "category": "external", "summary": "1875851", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875851" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3807.json" } ], "title": "Red Hat Security Advisory: Red Hat Virtualization security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-11-15T08:37:09+00:00", "generator": { "date": "2024-11-15T08:37:09+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:3807", "initial_release_date": "2020-09-23T16:12:36+00:00", "revision_history": [ { "date": "2020-09-23T16:12:36+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-09-23T16:12:36+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T08:37:09+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product": { "name": "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhev_manager:4.4:el8" } } } ], "category": "product_family", "name": "Red Hat Virtualization" }, { "branches": [ { "category": "product_version", "name": "ansible-runner-service-0:1.0.5-1.el8ev.noarch", "product": { "name": "ansible-runner-service-0:1.0.5-1.el8ev.noarch", "product_id": "ansible-runner-service-0:1.0.5-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ansible-runner-service@1.0.5-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-log-collector-0:4.4.3-1.el8ev.noarch", "product": { "name": "ovirt-log-collector-0:4.4.3-1.el8ev.noarch", "product_id": "ovirt-log-collector-0:4.4.3-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-log-collector@4.4.3-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "rhvm-dependencies-0:4.4.1-1.el8ev.noarch", "product": { "name": "rhvm-dependencies-0:4.4.1-1.el8ev.noarch", "product_id": "rhvm-dependencies-0:4.4.1-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhvm-dependencies@4.4.1-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "vdsm-jsonrpc-java-0:1.5.5-1.el8ev.noarch", "product": { "name": "vdsm-jsonrpc-java-0:1.5.5-1.el8ev.noarch", "product_id": "vdsm-jsonrpc-java-0:1.5.5-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/vdsm-jsonrpc-java@1.5.5-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "rhvm-branding-rhv-0:4.4.5-1.el8ev.noarch", "product": { "name": "rhvm-branding-rhv-0:4.4.5-1.el8ev.noarch", "product_id": "rhvm-branding-rhv-0:4.4.5-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhvm-branding-rhv@4.4.5-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.noarch", "product": { "name": "ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.noarch", "product_id": "ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.2.3-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-web-ui-0:1.6.4-1.el8ev.noarch", "product": { "name": "ovirt-web-ui-0:1.6.4-1.el8ev.noarch", "product_id": "ovirt-web-ui-0:1.6.4-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-web-ui@1.6.4-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-dwh-0:4.4.2.1-1.el8ev.noarch", "product": { "name": "ovirt-engine-dwh-0:4.4.2.1-1.el8ev.noarch", "product_id": "ovirt-engine-dwh-0:4.4.2.1-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-dwh@4.4.2.1-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-dwh-grafana-integration-setup-0:4.4.2.1-1.el8ev.noarch", "product": { "name": "ovirt-engine-dwh-grafana-integration-setup-0:4.4.2.1-1.el8ev.noarch", "product_id": "ovirt-engine-dwh-grafana-integration-setup-0:4.4.2.1-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-dwh-grafana-integration-setup@4.4.2.1-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-dwh-setup-0:4.4.2.1-1.el8ev.noarch", "product": { "name": "ovirt-engine-dwh-setup-0:4.4.2.1-1.el8ev.noarch", "product_id": "ovirt-engine-dwh-setup-0:4.4.2.1-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-dwh-setup@4.4.2.1-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch", "product": { "name": "ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch", "product_id": "ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine@4.4.2.3-0.6.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-backend-0:4.4.2.3-0.6.el8ev.noarch", "product": { "name": "ovirt-engine-backend-0:4.4.2.3-0.6.el8ev.noarch", "product_id": "ovirt-engine-backend-0:4.4.2.3-0.6.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-backend@4.4.2.3-0.6.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-dbscripts-0:4.4.2.3-0.6.el8ev.noarch", "product": { "name": "ovirt-engine-dbscripts-0:4.4.2.3-0.6.el8ev.noarch", "product_id": "ovirt-engine-dbscripts-0:4.4.2.3-0.6.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-dbscripts@4.4.2.3-0.6.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-health-check-bundler-0:4.4.2.3-0.6.el8ev.noarch", "product": { "name": "ovirt-engine-health-check-bundler-0:4.4.2.3-0.6.el8ev.noarch", "product_id": "ovirt-engine-health-check-bundler-0:4.4.2.3-0.6.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-health-check-bundler@4.4.2.3-0.6.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-restapi-0:4.4.2.3-0.6.el8ev.noarch", "product": { "name": "ovirt-engine-restapi-0:4.4.2.3-0.6.el8ev.noarch", "product_id": "ovirt-engine-restapi-0:4.4.2.3-0.6.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-restapi@4.4.2.3-0.6.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-0:4.4.2.3-0.6.el8ev.noarch", "product": { "name": "ovirt-engine-setup-0:4.4.2.3-0.6.el8ev.noarch", "product_id": "ovirt-engine-setup-0:4.4.2.3-0.6.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup@4.4.2.3-0.6.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-base-0:4.4.2.3-0.6.el8ev.noarch", "product": { "name": "ovirt-engine-setup-base-0:4.4.2.3-0.6.el8ev.noarch", "product_id": "ovirt-engine-setup-base-0:4.4.2.3-0.6.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup-base@4.4.2.3-0.6.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-plugin-cinderlib-0:4.4.2.3-0.6.el8ev.noarch", "product": { "name": "ovirt-engine-setup-plugin-cinderlib-0:4.4.2.3-0.6.el8ev.noarch", "product_id": "ovirt-engine-setup-plugin-cinderlib-0:4.4.2.3-0.6.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-cinderlib@4.4.2.3-0.6.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-plugin-imageio-0:4.4.2.3-0.6.el8ev.noarch", "product": { "name": "ovirt-engine-setup-plugin-imageio-0:4.4.2.3-0.6.el8ev.noarch", "product_id": "ovirt-engine-setup-plugin-imageio-0:4.4.2.3-0.6.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-imageio@4.4.2.3-0.6.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-plugin-ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch", "product": { "name": "ovirt-engine-setup-plugin-ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch", "product_id": "ovirt-engine-setup-plugin-ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine@4.4.2.3-0.6.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.2.3-0.6.el8ev.noarch", "product": { "name": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.2.3-0.6.el8ev.noarch", "product_id": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.2.3-0.6.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine-common@4.4.2.3-0.6.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch", "product": { "name": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch", "product_id": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-vmconsole-proxy-helper@4.4.2.3-0.6.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-plugin-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch", "product": { "name": "ovirt-engine-setup-plugin-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch", "product_id": "ovirt-engine-setup-plugin-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-websocket-proxy@4.4.2.3-0.6.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-tools-0:4.4.2.3-0.6.el8ev.noarch", "product": { "name": "ovirt-engine-tools-0:4.4.2.3-0.6.el8ev.noarch", "product_id": "ovirt-engine-tools-0:4.4.2.3-0.6.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-tools@4.4.2.3-0.6.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-tools-backup-0:4.4.2.3-0.6.el8ev.noarch", "product": { "name": "ovirt-engine-tools-backup-0:4.4.2.3-0.6.el8ev.noarch", "product_id": "ovirt-engine-tools-backup-0:4.4.2.3-0.6.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-tools-backup@4.4.2.3-0.6.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch", "product": { "name": "ovirt-engine-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch", "product_id": "ovirt-engine-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-vmconsole-proxy-helper@4.4.2.3-0.6.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-webadmin-portal-0:4.4.2.3-0.6.el8ev.noarch", "product": { "name": "ovirt-engine-webadmin-portal-0:4.4.2.3-0.6.el8ev.noarch", "product_id": "ovirt-engine-webadmin-portal-0:4.4.2.3-0.6.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-webadmin-portal@4.4.2.3-0.6.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch", "product": { "name": "ovirt-engine-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch", "product_id": "ovirt-engine-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-websocket-proxy@4.4.2.3-0.6.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "python3-ovirt-engine-lib-0:4.4.2.3-0.6.el8ev.noarch", "product": { "name": "python3-ovirt-engine-lib-0:4.4.2.3-0.6.el8ev.noarch", "product_id": "python3-ovirt-engine-lib-0:4.4.2.3-0.6.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-ovirt-engine-lib@4.4.2.3-0.6.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "rhvm-0:4.4.2.3-0.6.el8ev.noarch", "product": { "name": "rhvm-0:4.4.2.3-0.6.el8ev.noarch", "product_id": "rhvm-0:4.4.2.3-0.6.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhvm@4.4.2.3-0.6.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-extension-aaa-ldap-0:1.4.1-1.el8ev.noarch", "product": { "name": "ovirt-engine-extension-aaa-ldap-0:1.4.1-1.el8ev.noarch", "product_id": "ovirt-engine-extension-aaa-ldap-0:1.4.1-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-extension-aaa-ldap@1.4.1-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-extension-aaa-ldap-setup-0:1.4.1-1.el8ev.noarch", "product": { "name": "ovirt-engine-extension-aaa-ldap-setup-0:1.4.1-1.el8ev.noarch", "product_id": "ovirt-engine-extension-aaa-ldap-setup-0:1.4.1-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-extension-aaa-ldap-setup@1.4.1-1.el8ev?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "ansible-runner-service-0:1.0.5-1.el8ev.src", "product": { "name": "ansible-runner-service-0:1.0.5-1.el8ev.src", "product_id": "ansible-runner-service-0:1.0.5-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ansible-runner-service@1.0.5-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-log-collector-0:4.4.3-1.el8ev.src", "product": { "name": "ovirt-log-collector-0:4.4.3-1.el8ev.src", "product_id": "ovirt-log-collector-0:4.4.3-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-log-collector@4.4.3-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "rhvm-dependencies-0:4.4.1-1.el8ev.src", "product": { "name": "rhvm-dependencies-0:4.4.1-1.el8ev.src", "product_id": "rhvm-dependencies-0:4.4.1-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhvm-dependencies@4.4.1-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "vdsm-jsonrpc-java-0:1.5.5-1.el8ev.src", "product": { "name": "vdsm-jsonrpc-java-0:1.5.5-1.el8ev.src", "product_id": "vdsm-jsonrpc-java-0:1.5.5-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/vdsm-jsonrpc-java@1.5.5-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "rhvm-branding-rhv-0:4.4.5-1.el8ev.src", "product": { "name": "rhvm-branding-rhv-0:4.4.5-1.el8ev.src", "product_id": "rhvm-branding-rhv-0:4.4.5-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhvm-branding-rhv@4.4.5-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.src", "product": { "name": "ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.src", "product_id": "ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.2.3-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-web-ui-0:1.6.4-1.el8ev.src", "product": { "name": "ovirt-web-ui-0:1.6.4-1.el8ev.src", "product_id": "ovirt-web-ui-0:1.6.4-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-web-ui@1.6.4-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-engine-dwh-0:4.4.2.1-1.el8ev.src", "product": { "name": "ovirt-engine-dwh-0:4.4.2.1-1.el8ev.src", "product_id": "ovirt-engine-dwh-0:4.4.2.1-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-dwh@4.4.2.1-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-engine-0:4.4.2.3-0.6.el8ev.src", "product": { "name": "ovirt-engine-0:4.4.2.3-0.6.el8ev.src", "product_id": "ovirt-engine-0:4.4.2.3-0.6.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine@4.4.2.3-0.6.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-engine-extension-aaa-ldap-0:1.4.1-1.el8ev.src", "product": { "name": "ovirt-engine-extension-aaa-ldap-0:1.4.1-1.el8ev.src", "product_id": "ovirt-engine-extension-aaa-ldap-0:1.4.1-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-extension-aaa-ldap@1.4.1-1.el8ev?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "ansible-runner-service-0:1.0.5-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.5-1.el8ev.noarch" }, "product_reference": "ansible-runner-service-0:1.0.5-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ansible-runner-service-0:1.0.5-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.5-1.el8ev.src" }, "product_reference": "ansible-runner-service-0:1.0.5-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch" }, "product_reference": "ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-0:4.4.2.3-0.6.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-0:4.4.2.3-0.6.el8ev.src" }, "product_reference": "ovirt-engine-0:4.4.2.3-0.6.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-backend-0:4.4.2.3-0.6.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.2.3-0.6.el8ev.noarch" }, "product_reference": "ovirt-engine-backend-0:4.4.2.3-0.6.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-dbscripts-0:4.4.2.3-0.6.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.2.3-0.6.el8ev.noarch" }, "product_reference": "ovirt-engine-dbscripts-0:4.4.2.3-0.6.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-dwh-0:4.4.2.1-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.2.1-1.el8ev.noarch" }, "product_reference": "ovirt-engine-dwh-0:4.4.2.1-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-dwh-0:4.4.2.1-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.2.1-1.el8ev.src" }, "product_reference": "ovirt-engine-dwh-0:4.4.2.1-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-dwh-grafana-integration-setup-0:4.4.2.1-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.2.1-1.el8ev.noarch" }, "product_reference": "ovirt-engine-dwh-grafana-integration-setup-0:4.4.2.1-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-dwh-setup-0:4.4.2.1-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.2.1-1.el8ev.noarch" }, "product_reference": "ovirt-engine-dwh-setup-0:4.4.2.1-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-extension-aaa-ldap-0:1.4.1-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.1-1.el8ev.noarch" }, "product_reference": "ovirt-engine-extension-aaa-ldap-0:1.4.1-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-extension-aaa-ldap-0:1.4.1-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.1-1.el8ev.src" }, "product_reference": "ovirt-engine-extension-aaa-ldap-0:1.4.1-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-extension-aaa-ldap-setup-0:1.4.1-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.1-1.el8ev.noarch" }, "product_reference": "ovirt-engine-extension-aaa-ldap-setup-0:1.4.1-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-health-check-bundler-0:4.4.2.3-0.6.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.2.3-0.6.el8ev.noarch" }, "product_reference": "ovirt-engine-health-check-bundler-0:4.4.2.3-0.6.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-restapi-0:4.4.2.3-0.6.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.2.3-0.6.el8ev.noarch" }, "product_reference": "ovirt-engine-restapi-0:4.4.2.3-0.6.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-0:4.4.2.3-0.6.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.2.3-0.6.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-0:4.4.2.3-0.6.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-base-0:4.4.2.3-0.6.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.2.3-0.6.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-base-0:4.4.2.3-0.6.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-plugin-cinderlib-0:4.4.2.3-0.6.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.2.3-0.6.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-plugin-cinderlib-0:4.4.2.3-0.6.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-plugin-imageio-0:4.4.2.3-0.6.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.2.3-0.6.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-plugin-imageio-0:4.4.2.3-0.6.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-plugin-ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-plugin-ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.2.3-0.6.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.2.3-0.6.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.2.3-0.6.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-plugin-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-plugin-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-tools-0:4.4.2.3-0.6.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.2.3-0.6.el8ev.noarch" }, "product_reference": "ovirt-engine-tools-0:4.4.2.3-0.6.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-tools-backup-0:4.4.2.3-0.6.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.2.3-0.6.el8ev.noarch" }, "product_reference": "ovirt-engine-tools-backup-0:4.4.2.3-0.6.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.noarch" }, "product_reference": "ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.src" }, "product_reference": "ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch" }, "product_reference": "ovirt-engine-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-webadmin-portal-0:4.4.2.3-0.6.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.2.3-0.6.el8ev.noarch" }, "product_reference": "ovirt-engine-webadmin-portal-0:4.4.2.3-0.6.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch" }, "product_reference": "ovirt-engine-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-log-collector-0:4.4.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.3-1.el8ev.noarch" }, "product_reference": "ovirt-log-collector-0:4.4.3-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-log-collector-0:4.4.3-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.3-1.el8ev.src" }, "product_reference": "ovirt-log-collector-0:4.4.3-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-web-ui-0:1.6.4-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.4-1.el8ev.noarch" }, "product_reference": "ovirt-web-ui-0:1.6.4-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-web-ui-0:1.6.4-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.4-1.el8ev.src" }, "product_reference": "ovirt-web-ui-0:1.6.4-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-ovirt-engine-lib-0:4.4.2.3-0.6.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.2.3-0.6.el8ev.noarch" }, "product_reference": "python3-ovirt-engine-lib-0:4.4.2.3-0.6.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "rhvm-0:4.4.2.3-0.6.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:rhvm-0:4.4.2.3-0.6.el8ev.noarch" }, "product_reference": "rhvm-0:4.4.2.3-0.6.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "rhvm-branding-rhv-0:4.4.5-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.5-1.el8ev.noarch" }, "product_reference": "rhvm-branding-rhv-0:4.4.5-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "rhvm-branding-rhv-0:4.4.5-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.5-1.el8ev.src" }, "product_reference": "rhvm-branding-rhv-0:4.4.5-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "rhvm-dependencies-0:4.4.1-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.1-1.el8ev.noarch" }, "product_reference": "rhvm-dependencies-0:4.4.1-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "rhvm-dependencies-0:4.4.1-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.1-1.el8ev.src" }, "product_reference": "rhvm-dependencies-0:4.4.1-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "vdsm-jsonrpc-java-0:1.5.5-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.5-1.el8ev.noarch" }, "product_reference": "vdsm-jsonrpc-java-0:1.5.5-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "vdsm-jsonrpc-java-0:1.5.5-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.5-1.el8ev.src" }, "product_reference": "vdsm-jsonrpc-java-0:1.5.5-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-8203", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2020-07-15T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.2.3-0.6.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.2.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.2.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.2.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.2.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.3-1.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.5-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.5-1.el8ev.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1857412" } ], "notes": [ { "category": "description", "text": "A flaw was found in nodejs-lodash in versions 4.17.15 and earlier. A prototype pollution attack is possible which can lead to arbitrary code execution. The primary threat from this vulnerability is to data integrity and system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-lodash: prototype pollution in zipObjectDeep function", "title": "Vulnerability summary" }, { "category": "other", "text": "In OpenShift ServiceMesh (OSSM), Red Hat OpenShift Jaeger (RHOSJ) and Red Hat OpenShift Container Platform (RHOCP), the affected containers are behind OpenShift OAuth authentication. This restricts access to the vulnerable nodejs-lodash library to authenticated users only, therefore the impact is low.\n\nRed Hat OpenShift Container Platform 4 delivers the kibana package where the nodejs-lodash library is used, but due to the code changing to the container first content the kibana package is marked as wontfix. This may be fixed in the future.\n\nRed Hat Virtualization uses vulnerable version of nodejs-lodash, however zipObjectDeep is not used, therefore the impact is low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.4-1.el8ev.src" ], "known_not_affected": [ "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.2.3-0.6.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.2.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.2.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.2.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.2.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.3-1.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.5-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.5-1.el8ev.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-8203" }, { "category": "external", "summary": "RHBZ#1857412", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857412" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-8203", "url": "https://www.cve.org/CVERecord?id=CVE-2020-8203" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8203", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8203" }, { "category": "external", "summary": "https://hackerone.com/reports/712065", "url": "https://hackerone.com/reports/712065" }, { "category": "external", "summary": "https://www.npmjs.com/advisories/1523", "url": "https://www.npmjs.com/advisories/1523" } ], "release_date": "2020-04-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-23T16:12:36+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.4-1.el8ev.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3807" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.4-1.el8ev.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs-lodash: prototype pollution in zipObjectDeep function" }, { "cve": "CVE-2020-11022", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-04-23T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.2.3-0.6.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.2.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.2.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.2.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.2.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.3-1.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.5-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.5-1.el8ev.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1828406" } ], "notes": [ { "category": "description", "text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method", "title": "Vulnerability summary" }, { "category": "other", "text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.4-1.el8ev.src" ], "known_not_affected": [ "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.2.3-0.6.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.2.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.2.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.2.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.2.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.3-1.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.5-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.5-1.el8ev.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11022" }, { "category": "external", "summary": "RHBZ#1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11022" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2", "url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2" } ], "release_date": "2020-04-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-23T16:12:36+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.4-1.el8ev.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3807" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.4-1.el8ev.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method" }, { "cve": "CVE-2020-11023", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-23T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.2.3-0.6.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.2.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.2.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.2.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.2.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.3-1.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.5-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.5-1.el8ev.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1850004" } ], "notes": [ { "category": "description", "text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.4-1.el8ev.src" ], "known_not_affected": [ "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.2.3-0.6.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.2.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.2.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.2.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.2.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.3-1.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.5-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.5-1.el8ev.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11023" }, { "category": "external", "summary": "RHBZ#1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023" }, { "category": "external", "summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/" } ], "release_date": "2020-04-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-23T16:12:36+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.4-1.el8ev.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3807" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.4-1.el8ev.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods" }, { "acknowledgments": [ { "names": [ "Chen Huiliang", "Chen RuiQi" ], "organization": "Qianxin CodeSafe Team" } ], "cve": "CVE-2020-14333", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-07-16T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.2.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.2.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.2.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.2.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.5-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.5-1.el8ev.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1858184" } ], "notes": [ { "category": "description", "text": "A flaw was found in the web interface of ovirt-engine 4.4.2 and earlier, where it did not filter user-controllable parameters completely, resulting in a reflected cross-site scripting attack. This flaw allows an attacker to leverage a phishing attack, steal an unsuspecting user\u0027s cookies or other confidential information, or impersonate them within the application\u0027s context.", "title": "Vulnerability description" }, { "category": "summary", "text": "ovirt-engine: Reflected cross site scripting vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.2.3-0.6.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.4.2.3-0.6.el8ev.noarch" ], "known_not_affected": [ "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.2.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.2.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.2.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.2.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.5-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.5-1.el8ev.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-14333" }, { "category": "external", "summary": "RHBZ#1858184", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1858184" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-14333", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14333" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14333", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14333" } ], "release_date": "2020-08-17T09:30:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-23T16:12:36+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.2.3-0.6.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.4.2.3-0.6.el8ev.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3807" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.2.3-0.6.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.2.3-0.6.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.4.2.3-0.6.el8ev.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "ovirt-engine: Reflected cross site scripting vulnerability" } ] }
rhsa-2021_4142
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Low" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for pcs is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.\n\nThe following packages have been upgraded to a later upstream version: pcs (0.10.10). (BZ#1935594)\n\nSecurity Fix(es):\n\n* jquery: Cross-site scripting (XSS) via \u003cscript\u003e HTML tags containing whitespaces (CVE-2020-7656)\n\n* jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods (CVE-2020-11023)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:4142", "url": "https://access.redhat.com/errata/RHSA-2021:4142" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#low", "url": "https://access.redhat.com/security/updates/classification/#low" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/", "url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/" }, { "category": "external", "summary": "1290830", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1290830" }, { "category": "external", "summary": "1432097", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1432097" }, { "category": "external", "summary": "1678273", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678273" }, { "category": "external", "summary": "1690419", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1690419" }, { "category": "external", "summary": "1720221", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1720221" }, { "category": "external", "summary": "1759995", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1759995" }, { "category": "external", "summary": "1841019", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1841019" }, { "category": "external", "summary": "1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "1850119", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850119" }, { "category": "external", "summary": "1854238", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854238" }, { "category": "external", "summary": "1872378", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1872378" }, { "category": "external", "summary": "1885293", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1885293" }, { "category": "external", "summary": "1885302", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1885302" }, { "category": "external", "summary": "1896458", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1896458" }, { "category": "external", "summary": "1909901", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1909901" }, { "category": "external", "summary": "1922996", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922996" }, { "category": "external", "summary": "1927384", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927384" }, { "category": "external", "summary": "1927394", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927394" }, { "category": "external", "summary": "1930886", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930886" }, { "category": "external", "summary": "1935594", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1935594" }, { "category": "external", "summary": "1984901", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1984901" }, { "category": "external", "summary": "1991654", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1991654" }, { "category": "external", "summary": "1992668", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992668" }, { "category": "external", "summary": "1998454", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1998454" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_4142.json" } ], "title": "Red Hat Security Advisory: pcs security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-11-15T09:43:03+00:00", "generator": { "date": "2024-11-15T09:43:03+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:4142", "initial_release_date": "2021-11-09T17:49:34+00:00", "revision_history": [ { "date": "2021-11-09T17:49:34+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-11-09T17:49:34+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T09:43:03+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux High Availability (v. 8)", "product": { "name": "Red Hat Enterprise Linux High Availability (v. 8)", "product_id": "HighAvailability-8.5.0.GA", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::highavailability" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Resilient Storage (v. 8)", "product": { "name": "Red Hat Enterprise Linux Resilient Storage (v. 8)", "product_id": "ResilientStorage-8.5.0.GA", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::resilientstorage" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "pcs-0:0.10.10-4.el8.src", "product": { "name": "pcs-0:0.10.10-4.el8.src", "product_id": "pcs-0:0.10.10-4.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/pcs@0.10.10-4.el8?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "pcs-0:0.10.10-4.el8.aarch64", "product": { "name": "pcs-0:0.10.10-4.el8.aarch64", "product_id": "pcs-0:0.10.10-4.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pcs@0.10.10-4.el8?arch=aarch64" } } }, { "category": "product_version", "name": "pcs-snmp-0:0.10.10-4.el8.aarch64", "product": { "name": "pcs-snmp-0:0.10.10-4.el8.aarch64", "product_id": "pcs-snmp-0:0.10.10-4.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pcs-snmp@0.10.10-4.el8?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "pcs-0:0.10.10-4.el8.ppc64le", "product": { "name": "pcs-0:0.10.10-4.el8.ppc64le", "product_id": "pcs-0:0.10.10-4.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/pcs@0.10.10-4.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "pcs-snmp-0:0.10.10-4.el8.ppc64le", "product": { "name": "pcs-snmp-0:0.10.10-4.el8.ppc64le", "product_id": "pcs-snmp-0:0.10.10-4.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/pcs-snmp@0.10.10-4.el8?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "pcs-0:0.10.10-4.el8.x86_64", "product": { "name": "pcs-0:0.10.10-4.el8.x86_64", "product_id": "pcs-0:0.10.10-4.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pcs@0.10.10-4.el8?arch=x86_64" } } }, { "category": "product_version", "name": "pcs-snmp-0:0.10.10-4.el8.x86_64", "product": { "name": "pcs-snmp-0:0.10.10-4.el8.x86_64", "product_id": "pcs-snmp-0:0.10.10-4.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pcs-snmp@0.10.10-4.el8?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "pcs-0:0.10.10-4.el8.s390x", "product": { "name": "pcs-0:0.10.10-4.el8.s390x", "product_id": "pcs-0:0.10.10-4.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/pcs@0.10.10-4.el8?arch=s390x" } } }, { "category": "product_version", "name": "pcs-snmp-0:0.10.10-4.el8.s390x", "product": { "name": "pcs-snmp-0:0.10.10-4.el8.s390x", "product_id": "pcs-snmp-0:0.10.10-4.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/pcs-snmp@0.10.10-4.el8?arch=s390x" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "pcs-0:0.10.10-4.el8.aarch64 as a component of Red Hat Enterprise Linux High Availability (v. 8)", "product_id": "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64" }, "product_reference": "pcs-0:0.10.10-4.el8.aarch64", "relates_to_product_reference": "HighAvailability-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-0:0.10.10-4.el8.ppc64le as a component of Red Hat Enterprise Linux High Availability (v. 8)", "product_id": "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le" }, "product_reference": "pcs-0:0.10.10-4.el8.ppc64le", "relates_to_product_reference": "HighAvailability-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-0:0.10.10-4.el8.s390x as a component of Red Hat Enterprise Linux High Availability (v. 8)", "product_id": "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x" }, "product_reference": "pcs-0:0.10.10-4.el8.s390x", "relates_to_product_reference": "HighAvailability-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-0:0.10.10-4.el8.src as a component of Red Hat Enterprise Linux High Availability (v. 8)", "product_id": "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.src" }, "product_reference": "pcs-0:0.10.10-4.el8.src", "relates_to_product_reference": "HighAvailability-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-0:0.10.10-4.el8.x86_64 as a component of Red Hat Enterprise Linux High Availability (v. 8)", "product_id": "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64" }, "product_reference": "pcs-0:0.10.10-4.el8.x86_64", "relates_to_product_reference": "HighAvailability-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-snmp-0:0.10.10-4.el8.aarch64 as a component of Red Hat Enterprise Linux High Availability (v. 8)", "product_id": "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64" }, "product_reference": "pcs-snmp-0:0.10.10-4.el8.aarch64", "relates_to_product_reference": "HighAvailability-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-snmp-0:0.10.10-4.el8.ppc64le as a component of Red Hat Enterprise Linux High Availability (v. 8)", "product_id": "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le" }, "product_reference": "pcs-snmp-0:0.10.10-4.el8.ppc64le", "relates_to_product_reference": "HighAvailability-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-snmp-0:0.10.10-4.el8.s390x as a component of Red Hat Enterprise Linux High Availability (v. 8)", "product_id": "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x" }, "product_reference": "pcs-snmp-0:0.10.10-4.el8.s390x", "relates_to_product_reference": "HighAvailability-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-snmp-0:0.10.10-4.el8.x86_64 as a component of Red Hat Enterprise Linux High Availability (v. 8)", "product_id": "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64" }, "product_reference": "pcs-snmp-0:0.10.10-4.el8.x86_64", "relates_to_product_reference": "HighAvailability-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-0:0.10.10-4.el8.aarch64 as a component of Red Hat Enterprise Linux Resilient Storage (v. 8)", "product_id": "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64" }, "product_reference": "pcs-0:0.10.10-4.el8.aarch64", "relates_to_product_reference": "ResilientStorage-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-0:0.10.10-4.el8.ppc64le as a component of Red Hat Enterprise Linux Resilient Storage (v. 8)", "product_id": "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le" }, "product_reference": "pcs-0:0.10.10-4.el8.ppc64le", "relates_to_product_reference": "ResilientStorage-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-0:0.10.10-4.el8.s390x as a component of Red Hat Enterprise Linux Resilient Storage (v. 8)", "product_id": "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x" }, "product_reference": "pcs-0:0.10.10-4.el8.s390x", "relates_to_product_reference": "ResilientStorage-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-0:0.10.10-4.el8.src as a component of Red Hat Enterprise Linux Resilient Storage (v. 8)", "product_id": "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.src" }, "product_reference": "pcs-0:0.10.10-4.el8.src", "relates_to_product_reference": "ResilientStorage-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-0:0.10.10-4.el8.x86_64 as a component of Red Hat Enterprise Linux Resilient Storage (v. 8)", "product_id": "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64" }, "product_reference": "pcs-0:0.10.10-4.el8.x86_64", "relates_to_product_reference": "ResilientStorage-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-snmp-0:0.10.10-4.el8.aarch64 as a component of Red Hat Enterprise Linux Resilient Storage (v. 8)", "product_id": "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64" }, "product_reference": "pcs-snmp-0:0.10.10-4.el8.aarch64", "relates_to_product_reference": "ResilientStorage-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-snmp-0:0.10.10-4.el8.ppc64le as a component of Red Hat Enterprise Linux Resilient Storage (v. 8)", "product_id": "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le" }, "product_reference": "pcs-snmp-0:0.10.10-4.el8.ppc64le", "relates_to_product_reference": "ResilientStorage-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-snmp-0:0.10.10-4.el8.s390x as a component of Red Hat Enterprise Linux Resilient Storage (v. 8)", "product_id": "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x" }, "product_reference": "pcs-snmp-0:0.10.10-4.el8.s390x", "relates_to_product_reference": "ResilientStorage-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-snmp-0:0.10.10-4.el8.x86_64 as a component of Red Hat Enterprise Linux Resilient Storage (v. 8)", "product_id": "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64" }, "product_reference": "pcs-snmp-0:0.10.10-4.el8.x86_64", "relates_to_product_reference": "ResilientStorage-8.5.0.GA" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-11358", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-03-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1701972" } ], "notes": [ { "category": "description", "text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.src", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.src", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-11358" }, { "category": "external", "summary": "RHBZ#1701972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11358" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358" }, { "category": "external", "summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", "url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/" }, { "category": "external", "summary": "https://www.drupal.org/sa-core-2019-006", "url": "https://www.drupal.org/sa-core-2019-006" } ], "release_date": "2019-03-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-11-09T17:49:34+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.src", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.src", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:4142" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.src", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.src", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection" }, { "cve": "CVE-2020-7656", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1850119" } ], "notes": [ { "category": "description", "text": "A flaw was found in jquery in versions prior to 1.9.0. A cross-site scripting attack is possible as the load method fails to recognize and remove \"\u003cscript\u003e\" HTML tags that contain a whitespace character which results in the enclosed script logic to be executed. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Cross-site scripting (XSS) via \u003cscript\u003e HTML tags containing whitespaces", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux version 6, 7 and 8 ship a vulnerable version of JQuery in the `pcs` component. However the vulnerable has not been found to be exploitable in reasonable scenarios. A future update may update JQuery to a fixed version.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.src", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.src", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-7656" }, { "category": "external", "summary": "RHBZ#1850119", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850119" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-7656", "url": "https://www.cve.org/CVERecord?id=CVE-2020-7656" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7656", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7656" } ], "release_date": "2020-05-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-11-09T17:49:34+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.src", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.src", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:4142" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.src", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.src", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jquery: Cross-site scripting (XSS) via \u003cscript\u003e HTML tags containing whitespaces" }, { "cve": "CVE-2020-11023", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1850004" } ], "notes": [ { "category": "description", "text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.src", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.src", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11023" }, { "category": "external", "summary": "RHBZ#1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023" }, { "category": "external", "summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/" } ], "release_date": "2020-04-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-11-09T17:49:34+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.src", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.src", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:4142" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.src", "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x", "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.src", "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x", "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods" } ] }
rhsa-2021_0778
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat Ansible Tower 3.6.7-1 - RHEL7 Container\n\nRed Hat Product Security has rated this update as having a security impact of\nImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Security Fix(es):\n\n* Addressed a security issue which can allow a malicious playbook author to elevate to the awx user from outside the isolated environment: CVE-2021-20253\n* Upgraded to a more recent version of nginx to address CVE-2019-20372\n* Upgraded to a more recent version of autobahn to address CVE-2020-35678\n* Upgraded to a more recent version of jquery to address CVE-2020-11022 and CVE-2020-11023\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:0778", "url": "https://access.redhat.com/errata/RHSA-2021:0778" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1790277", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1790277" }, { "category": "external", "summary": "1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "1911314", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1911314" }, { "category": "external", "summary": "1928847", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928847" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0778.json" } ], "title": "Red Hat Security Advisory: Red Hat Ansible Tower 3.6.7-1 - Container security and bug fix update", "tracking": { "current_release_date": "2024-11-15T08:42:34+00:00", "generator": { "date": "2024-11-15T08:42:34+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:0778", "initial_release_date": "2021-03-09T15:50:37+00:00", "revision_history": [ { "date": "2021-03-09T15:50:37+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-03-09T15:50:37+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T08:42:34+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Ansible Tower 3.6 for RHEL 7", "product": { "name": "Red Hat Ansible Tower 3.6 for RHEL 7", "product_id": "7Server-Ansible-Tower-3.6", "product_identification_helper": { "cpe": "cpe:/a:redhat:ansible_tower:3.6::el7" } } } ], "category": "product_family", "name": "Red Hat Ansible Tower" }, { "branches": [ { "category": "product_version", "name": "ansible-tower-36/ansible-tower@sha256:b693ff9d898bc14a776b881bc8c868a7c3472456d6f009bb81d4dd5f85835e28_amd64", "product": { "name": "ansible-tower-36/ansible-tower@sha256:b693ff9d898bc14a776b881bc8c868a7c3472456d6f009bb81d4dd5f85835e28_amd64", "product_id": "ansible-tower-36/ansible-tower@sha256:b693ff9d898bc14a776b881bc8c868a7c3472456d6f009bb81d4dd5f85835e28_amd64", "product_identification_helper": { "purl": "pkg:oci/ansible-tower@sha256:b693ff9d898bc14a776b881bc8c868a7c3472456d6f009bb81d4dd5f85835e28?arch=amd64\u0026repository_url=registry.redhat.io/ansible-tower-36/ansible-tower\u0026tag=3.6.7-1" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "ansible-tower-36/ansible-tower@sha256:b693ff9d898bc14a776b881bc8c868a7c3472456d6f009bb81d4dd5f85835e28_amd64 as a component of Red Hat Ansible Tower 3.6 for RHEL 7", "product_id": "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:b693ff9d898bc14a776b881bc8c868a7c3472456d6f009bb81d4dd5f85835e28_amd64" }, "product_reference": "ansible-tower-36/ansible-tower@sha256:b693ff9d898bc14a776b881bc8c868a7c3472456d6f009bb81d4dd5f85835e28_amd64", "relates_to_product_reference": "7Server-Ansible-Tower-3.6" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-20372", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2020-01-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1790277" } ], "notes": [ { "category": "description", "text": "NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.", "title": "Vulnerability description" }, { "category": "summary", "text": "nginx: HTTP request smuggling in configurations with URL redirect used as error_page", "title": "Vulnerability summary" }, { "category": "other", "text": "Ansible Tower 3.5 and 3.6 are not vulnerable by default as are not using error_page variable in the nginx configuration. However, Ansible Tower 3.5 and 3.6 are distributing nginx 1.14 and 1.16 vulnerable versions as a dependency and configuration could be modified making it vulnerable.\n\nRed Hat CloudForms Management Engine 5.9 and 5.10 are not vulnerable by default as are not using error_page variable in the nginx configuration. However, both mentioned builds ships vulnerable nginx versions 1.10 and 1.14 respectively. CloudForms 5.11 does not use nginx directly hence it is not vulnerable.\n\nRed Hat Quay\u0027s configuration of nginx means it\u0027s not affected by this issue. It doesn\u0027t use error_page to do a 302 redirect. It\u0027s only use of error_page uses a named location ie:\nerror_page 404 /404.html;\n location = /40x.html {\n }\nerror_page 500 502 503 504 /50x.html;\n location = /50x.html {\n}", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:b693ff9d898bc14a776b881bc8c868a7c3472456d6f009bb81d4dd5f85835e28_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-20372" }, { "category": "external", "summary": "RHBZ#1790277", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1790277" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-20372", "url": "https://www.cve.org/CVERecord?id=CVE-2019-20372" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-20372", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20372" } ], "release_date": "2020-01-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-03-09T15:50:37+00:00", "details": "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", "product_ids": [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:b693ff9d898bc14a776b881bc8c868a7c3472456d6f009bb81d4dd5f85835e28_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0778" }, { "category": "workaround", "details": "To mitigate this issue, use a named location instead of having the error_page handler do the redirect, this configuration is not vulnerable to request smuggling on all versions of NGINX we tested.\nserver {\n listen 80;\n server_name localhost;\n error_page 401 @401;\n location / {\n return 401;\n }\n location @401 {\n return 302 http://example.org;\n }\n}", "product_ids": [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:b693ff9d898bc14a776b881bc8c868a7c3472456d6f009bb81d4dd5f85835e28_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:b693ff9d898bc14a776b881bc8c868a7c3472456d6f009bb81d4dd5f85835e28_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nginx: HTTP request smuggling in configurations with URL redirect used as error_page" }, { "cve": "CVE-2020-11022", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-04-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1828406" } ], "notes": [ { "category": "description", "text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method", "title": "Vulnerability summary" }, { "category": "other", "text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:b693ff9d898bc14a776b881bc8c868a7c3472456d6f009bb81d4dd5f85835e28_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11022" }, { "category": "external", "summary": "RHBZ#1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11022" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2", "url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2" } ], "release_date": "2020-04-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-03-09T15:50:37+00:00", "details": "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", "product_ids": [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:b693ff9d898bc14a776b881bc8c868a7c3472456d6f009bb81d4dd5f85835e28_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0778" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:b693ff9d898bc14a776b881bc8c868a7c3472456d6f009bb81d4dd5f85835e28_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method" }, { "cve": "CVE-2020-11023", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1850004" } ], "notes": [ { "category": "description", "text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:b693ff9d898bc14a776b881bc8c868a7c3472456d6f009bb81d4dd5f85835e28_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11023" }, { "category": "external", "summary": "RHBZ#1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023" }, { "category": "external", "summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/" } ], "release_date": "2020-04-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-03-09T15:50:37+00:00", "details": "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", "product_ids": [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:b693ff9d898bc14a776b881bc8c868a7c3472456d6f009bb81d4dd5f85835e28_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0778" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:b693ff9d898bc14a776b881bc8c868a7c3472456d6f009bb81d4dd5f85835e28_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods" }, { "cve": "CVE-2020-35678", "cwe": { "id": "CWE-601", "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)" }, "discovery_date": "2020-12-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1911314" } ], "notes": [ { "category": "description", "text": "A flaw was found in python-autobahn, where it allows redirect header injection. The highest threat from this vulnerability is to confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-autobahn: allows redirect header injection", "title": "Vulnerability summary" }, { "category": "other", "text": "In Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP python-autobahn package.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:b693ff9d898bc14a776b881bc8c868a7c3472456d6f009bb81d4dd5f85835e28_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-35678" }, { "category": "external", "summary": "RHBZ#1911314", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1911314" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-35678", "url": "https://www.cve.org/CVERecord?id=CVE-2020-35678" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-35678", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35678" } ], "release_date": "2020-12-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-03-09T15:50:37+00:00", "details": "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", "product_ids": [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:b693ff9d898bc14a776b881bc8c868a7c3472456d6f009bb81d4dd5f85835e28_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0778" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:b693ff9d898bc14a776b881bc8c868a7c3472456d6f009bb81d4dd5f85835e28_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N", "version": "3.1" }, "products": [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:b693ff9d898bc14a776b881bc8c868a7c3472456d6f009bb81d4dd5f85835e28_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python-autobahn: allows redirect header injection" }, { "acknowledgments": [ { "names": [ "Matei Mal Badanoiu" ], "organization": "Deloitte Romania" } ], "cve": "CVE-2021-20253", "cwe": { "id": "CWE-552", "name": "Files or Directories Accessible to External Parties" }, "discovery_date": "2021-02-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1928847" } ], "notes": [ { "category": "description", "text": "A flaw was found in ansible-tower. The default installation is vulnerable to Job Isolation escape allowing an attacker to elevate the privilege from a low privileged user to the awx user from outside the isolated environment. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "ansible-tower: Privilege escalation via job isolation escape", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:b693ff9d898bc14a776b881bc8c868a7c3472456d6f009bb81d4dd5f85835e28_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-20253" }, { "category": "external", "summary": "RHBZ#1928847", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928847" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-20253", "url": "https://www.cve.org/CVERecord?id=CVE-2021-20253" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20253", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20253" } ], "release_date": "2021-03-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-03-09T15:50:37+00:00", "details": "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", "product_ids": [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:b693ff9d898bc14a776b881bc8c868a7c3472456d6f009bb81d4dd5f85835e28_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0778" }, { "category": "workaround", "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update as soon as possible.", "product_ids": [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:b693ff9d898bc14a776b881bc8c868a7c3472456d6f009bb81d4dd5f85835e28_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:b693ff9d898bc14a776b881bc8c868a7c3472456d6f009bb81d4dd5f85835e28_amd64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "ansible-tower: Privilege escalation via job isolation escape" } ] }
rhsa-2023_0552
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n\n* jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods (CVE-2020-11023)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy (CVE-2018-14041)\n\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40152)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* nodejs-moment: Regular expression denial of service (CVE-2017-18214)\n\n* wildfly-elytron: possible timing attacks via use of unsafe comparator (CVE-2022-3143)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:0552", "url": "https://access.redhat.com/errata/RHSA-2023:0552" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/" }, { "category": "external", "summary": "1399546", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546" }, { "category": "external", "summary": "1553413", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413" }, { "category": "external", "summary": "1601614", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614" }, { "category": "external", "summary": "1601616", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616" }, { "category": "external", "summary": "1601617", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617" }, { "category": "external", "summary": "1668097", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097" }, { "category": "external", "summary": "1686454", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454" }, { "category": "external", "summary": "1701972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" }, { "category": "external", "summary": "1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "2124682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682" }, { "category": "external", "summary": "2134291", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291" }, { "category": "external", "summary": "2135244", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244" }, { "category": "external", "summary": "2135247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247" }, { "category": "external", "summary": "2135770", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770" }, { "category": "external", "summary": "2135771", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771" }, { "category": "external", "summary": "2145194", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194" }, { "category": "external", "summary": "2155682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682" }, { "category": "external", "summary": "2155970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970" }, { "category": "external", "summary": "JBEAP-23864", "url": "https://issues.redhat.com/browse/JBEAP-23864" }, { "category": "external", "summary": "JBEAP-23865", "url": "https://issues.redhat.com/browse/JBEAP-23865" }, { "category": "external", "summary": "JBEAP-23866", "url": "https://issues.redhat.com/browse/JBEAP-23866" }, { "category": "external", "summary": "JBEAP-23926", "url": "https://issues.redhat.com/browse/JBEAP-23926" }, { "category": "external", "summary": "JBEAP-24055", "url": "https://issues.redhat.com/browse/JBEAP-24055" }, { "category": "external", "summary": "JBEAP-24081", "url": "https://issues.redhat.com/browse/JBEAP-24081" }, { "category": "external", "summary": "JBEAP-24095", "url": "https://issues.redhat.com/browse/JBEAP-24095" }, { "category": "external", "summary": "JBEAP-24100", "url": "https://issues.redhat.com/browse/JBEAP-24100" }, { "category": "external", "summary": "JBEAP-24127", "url": "https://issues.redhat.com/browse/JBEAP-24127" }, { "category": "external", "summary": "JBEAP-24128", "url": "https://issues.redhat.com/browse/JBEAP-24128" }, { "category": "external", "summary": "JBEAP-24132", "url": "https://issues.redhat.com/browse/JBEAP-24132" }, { "category": "external", "summary": "JBEAP-24147", "url": "https://issues.redhat.com/browse/JBEAP-24147" }, { "category": "external", "summary": "JBEAP-24167", "url": "https://issues.redhat.com/browse/JBEAP-24167" }, { "category": "external", "summary": "JBEAP-24191", "url": "https://issues.redhat.com/browse/JBEAP-24191" }, { "category": "external", "summary": "JBEAP-24195", "url": "https://issues.redhat.com/browse/JBEAP-24195" }, { "category": "external", "summary": "JBEAP-24207", "url": "https://issues.redhat.com/browse/JBEAP-24207" }, { "category": "external", "summary": "JBEAP-24248", "url": "https://issues.redhat.com/browse/JBEAP-24248" }, { "category": "external", "summary": "JBEAP-24426", "url": "https://issues.redhat.com/browse/JBEAP-24426" }, { "category": "external", "summary": "JBEAP-24427", "url": "https://issues.redhat.com/browse/JBEAP-24427" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0552.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update", "tracking": { "current_release_date": "2024-11-15T13:21:43+00:00", "generator": { "date": "2024-11-15T13:21:43+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2023:0552", "initial_release_date": "2023-01-31T13:15:22+00:00", "revision_history": [ { "date": "2023-01-31T13:15:22+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-01-31T13:15:22+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T13:21:43+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product": { "name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src", "product": { "name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src", "product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "product": { "name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-elytron-web@1.9.3-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "product": { "name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "product": { "name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "product": { "name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "product_id": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.12.7-1.redhat_00003.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "product": { "name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "product": { "name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "product": { "name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "product": { "name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "product": { "name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "product": { "name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "product": { "name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "product": { "name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "product": { "name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el7eap?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product_id": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.12.7-1.redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product_id": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.12.7-1.redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow-server@1.9.3-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "product_id": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-javaee-security-soteria-enterprise@1.0.1-3.redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product_id": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.12.7-1.redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product_id": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.12.7-1.redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "product": { "name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product_id": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.12.7-1.redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jgroups@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jms@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-search-engine@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-search-orm@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-search-serialization-avro@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.16-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-24.Final_redhat_00023.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-24.Final_redhat_00023.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "product_id": "eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.9-4.GA_redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "product_id": "eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.9-4.GA_redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "product_id": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.9-4.GA_redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "product_id": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.9-4.GA_redhat_00003.1.el7eap?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src" }, "product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src" }, "product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src" }, "product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src" }, "product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src" }, "product_reference": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src" }, "product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src" }, "product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src" }, "product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src" }, "product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch" }, "product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src" }, "product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src" }, "product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" }, "product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" } ] }, "vulnerabilities": [ { "cve": "CVE-2015-9251", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2016-11-27T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1399546" } ], "notes": [ { "category": "description", "text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Cross-site scripting via cross-domain ajax requests", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ], "known_not_affected": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-9251" }, { "category": "external", "summary": "RHBZ#1399546", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251", "url": "https://www.cve.org/CVERecord?id=CVE-2015-9251" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251" } ], "release_date": "2015-06-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:22+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0552" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jquery: Cross-site scripting via cross-domain ajax requests" }, { "cve": "CVE-2016-10735", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-01-09T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1668097" } ], "notes": [ { "category": "description", "text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: XSS in the data-target attribute", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ], "known_not_affected": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-10735" }, { "category": "external", "summary": "RHBZ#1668097", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735", "url": "https://www.cve.org/CVERecord?id=CVE-2016-10735" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735" } ], "release_date": "2016-06-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:22+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0552" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "bootstrap: XSS in the data-target attribute" }, { "cve": "CVE-2017-18214", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2018-03-08T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1553413" } ], "notes": [ { "category": "description", "text": "The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-moment: Regular expression denial of service", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of momentjs as shipped with Red Hat Enterprise Satellite 5. Red Hat Product Security has rated this issue as having security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ], "known_not_affected": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-18214" }, { "category": "external", "summary": "RHBZ#1553413", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-18214", "url": "https://www.cve.org/CVERecord?id=CVE-2017-18214" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214" } ], "release_date": "2017-09-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:22+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0552" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs-moment: Regular expression denial of service" }, { "cve": "CVE-2018-14040", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2018-07-13T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1601614" } ], "notes": [ { "category": "description", "text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ], "known_not_affected": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-14040" }, { "category": "external", "summary": "RHBZ#1601614", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14040" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040" } ], "release_date": "2018-05-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:22+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0552" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute" }, { "cve": "CVE-2018-14041", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2018-07-13T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1601616" } ], "notes": [ { "category": "description", "text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ], "known_not_affected": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-14041" }, { "category": "external", "summary": "RHBZ#1601616", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-14041", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14041" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041" } ], "release_date": "2018-05-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:22+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0552" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy" }, { "cve": "CVE-2018-14042", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2018-07-13T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1601617" } ], "notes": [ { "category": "description", "text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ], "known_not_affected": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-14042" }, { "category": "external", "summary": "RHBZ#1601617", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14042" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042" } ], "release_date": "2018-05-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:22+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0552" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip" }, { "cve": "CVE-2019-8331", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-02-20T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1686454" } ], "notes": [ { "category": "description", "text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: XSS in the tooltip or popover data-template attribute", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ], "known_not_affected": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-8331" }, { "category": "external", "summary": "RHBZ#1686454", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331", "url": "https://www.cve.org/CVERecord?id=CVE-2019-8331" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331" } ], "release_date": "2019-02-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:22+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0552" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "bootstrap: XSS in the tooltip or popover data-template attribute" }, { "cve": "CVE-2019-11358", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-03-28T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1701972" } ], "notes": [ { "category": "description", "text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ], "known_not_affected": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-11358" }, { "category": "external", "summary": "RHBZ#1701972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11358" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358" }, { "category": "external", "summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", "url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/" }, { "category": "external", "summary": "https://www.drupal.org/sa-core-2019-006", "url": "https://www.drupal.org/sa-core-2019-006" } ], "release_date": "2019-03-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:22+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0552" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection" }, { "cve": "CVE-2020-11022", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-04-23T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1828406" } ], "notes": [ { "category": "description", "text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method", "title": "Vulnerability summary" }, { "category": "other", "text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ], "known_not_affected": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11022" }, { "category": "external", "summary": "RHBZ#1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11022" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2", "url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2" } ], "release_date": "2020-04-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:22+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0552" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method" }, { "cve": "CVE-2020-11023", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-23T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1850004" } ], "notes": [ { "category": "description", "text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ], "known_not_affected": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11023" }, { "category": "external", "summary": "RHBZ#1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023" }, { "category": "external", "summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/" } ], "release_date": "2020-04-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:22+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0552" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods" }, { "cve": "CVE-2022-3143", "cwe": { "id": "CWE-208", "name": "Observable Timing Discrepancy" }, "discovery_date": "2022-09-06T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2124682" } ], "notes": [ { "category": "description", "text": "A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user.", "title": "Vulnerability description" }, { "category": "summary", "text": "wildfly-elytron: possible timing attacks via use of unsafe comparator", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch" ], "known_not_affected": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-3143" }, { "category": "external", "summary": "RHBZ#2124682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3143", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3143" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143" } ], "release_date": "2022-09-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:22+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0552" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "wildfly-elytron: possible timing attacks via use of unsafe comparator" }, { "cve": "CVE-2022-40149", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-10-18T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135771" } ], "notes": [ { "category": "description", "text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "jettison: parser crash by stackoverflow", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src" ], "known_not_affected": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-40149" }, { "category": "external", "summary": "RHBZ#2135771", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149", "url": "https://www.cve.org/CVERecord?id=CVE-2022-40149" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149" }, { "category": "external", "summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1", "url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1" } ], "release_date": "2022-09-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:22+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0552" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jettison: parser crash by stackoverflow" }, { "cve": "CVE-2022-40150", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-10-18T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135770" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "jettison: memory exhaustion via user-supplied XML or JSON data", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src" ], "known_not_affected": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-40150" }, { "category": "external", "summary": "RHBZ#2135770", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150", "url": "https://www.cve.org/CVERecord?id=CVE-2022-40150" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150" }, { "category": "external", "summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1", "url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1" } ], "release_date": "2022-09-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:22+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0552" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jettison: memory exhaustion via user-supplied XML or JSON data" }, { "cve": "CVE-2022-40152", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-10-13T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2134291" } ], "notes": [ { "category": "description", "text": "A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.", "title": "Vulnerability description" }, { "category": "summary", "text": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ], "known_not_affected": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-40152" }, { "category": "external", "summary": "RHBZ#2134291", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-40152", "url": "https://www.cve.org/CVERecord?id=CVE-2022-40152" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4", "url": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4" } ], "release_date": "2022-09-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:22+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0552" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks" }, { "cve": "CVE-2022-42003", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-10-17T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135244" } ], "notes": [ { "category": "description", "text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src" ], "known_not_affected": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-42003" }, { "category": "external", "summary": "RHBZ#2135244", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42003" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003" } ], "release_date": "2022-10-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:22+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0552" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS" }, { "cve": "CVE-2022-42004", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-10-17T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135247" } ], "notes": [ { "category": "description", "text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: use of deeply nested arrays", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src" ], "known_not_affected": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-42004" }, { "category": "external", "summary": "RHBZ#2135247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42004" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004" } ], "release_date": "2022-10-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:22+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0552" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: use of deeply nested arrays" }, { "cve": "CVE-2022-45047", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-11-23T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2145194" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.", "title": "Vulnerability description" }, { "category": "summary", "text": "mina-sshd: Java unsafe deserialization vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src" ], "known_not_affected": [ "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-45047" }, { "category": "external", "summary": "RHBZ#2145194", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047", "url": "https://www.cve.org/CVERecord?id=CVE-2022-45047" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047" }, { "category": "external", "summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html", "url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html" } ], "release_date": "2022-11-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:22+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0552" }, { "category": "workaround", "details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).", "product_ids": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mina-sshd: Java unsafe deserialization vulnerability" }, { "cve": "CVE-2022-45693", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-12-23T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2155970" } ], "notes": [ { "category": "description", "text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src" ], "known_not_affected": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-45693" }, { "category": "external", "summary": "RHBZ#2155970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693", "url": "https://www.cve.org/CVERecord?id=CVE-2022-45693" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693" } ], "release_date": "2022-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:22+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0552" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos" }, { "cve": "CVE-2022-46364", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "discovery_date": "2022-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2155682" } ], "notes": [ { "category": "description", "text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.", "title": "Vulnerability description" }, { "category": "summary", "text": "CXF: SSRF Vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-46364" }, { "category": "external", "summary": "RHBZ#2155682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364", "url": "https://www.cve.org/CVERecord?id=CVE-2022-46364" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364" }, { "category": "external", "summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2", "url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2" } ], "release_date": "2022-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-31T13:15:22+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0552" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "CXF: SSRF Vulnerability" } ] }
rhsa-2023_1043
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "New Red Hat Single Sign-On 7.6.2 packages are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.6.2 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)\n* Moment.js: Path traversal in moment.locale (CVE-2022-24785)\n* keycloak: missing email notification template allowlist (CVE-2022-1274)\n* keycloak: minimist: prototype pollution (CVE-2021-44906)\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n* undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations (CVE-2022-2764)\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n* loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)\n* keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)\n* keycloak: path traversal via double URL encoding (CVE-2022-3782)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)\n* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)\n* keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)\n* keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)\n* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)\n* keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)\n* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)\n* rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n* jquery: Passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)\n* keycloak: reflected XSS attack (CVE-2022-4137)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:1043", "url": "https://access.redhat.com/errata/RHSA-2023:1043" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1601614", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614" }, { "category": "external", "summary": "1601617", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617" }, { "category": "external", "summary": "1701972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" }, { "category": "external", "summary": "1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "2031904", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904" }, { "category": "external", "summary": "2066009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009" }, { "category": "external", "summary": "2072009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009" }, { "category": "external", "summary": "2073157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157" }, { "category": "external", "summary": "2105075", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075" }, { "category": "external", "summary": "2117506", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506" }, { "category": "external", "summary": "2126789", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789" }, { "category": "external", "summary": "2129706", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706" }, { "category": "external", "summary": "2129707", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707" }, { "category": "external", "summary": "2129709", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709" }, { "category": "external", "summary": "2135244", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244" }, { "category": "external", "summary": "2135247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247" }, { "category": "external", "summary": "2135770", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770" }, { "category": "external", "summary": "2135771", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771" }, { "category": "external", "summary": "2138971", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138971" }, { "category": "external", "summary": "2140597", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597" }, { "category": "external", "summary": "2141404", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404" }, { "category": "external", "summary": "2145194", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194" }, { "category": "external", "summary": "2148496", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496" }, { "category": "external", "summary": "2150009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009" }, { "category": "external", "summary": "2155681", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681" }, { "category": "external", "summary": "2155682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682" }, { "category": "external", "summary": "2155970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970" }, { "category": "external", "summary": "2156263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263" }, { "category": "external", "summary": "2156324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324" }, { "category": "external", "summary": "2158585", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585" }, { "category": "external", "summary": "2160585", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1043.json" } ], "title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 7", "tracking": { "current_release_date": "2024-11-21T21:15:30+00:00", "generator": { "date": "2024-11-21T21:15:30+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2023:1043", "initial_release_date": "2023-03-01T22:02:40+00:00", "revision_history": [ { "date": "2023-03-01T22:02:40+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-03-01T22:02:40+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-21T21:15:30+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Single Sign-On 7.6 for RHEL 7 Server", "product": { "name": "Red Hat Single Sign-On 7.6 for RHEL 7 Server", "product_id": "7Server-RHSSO-7.6", "product_identification_helper": { "cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6::el7" } } } ], "category": "product_family", "name": "Red Hat Single Sign-On" }, { "branches": [ { "category": "product_version", "name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "product": { "name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "product_id": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1.el7sso?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "product": { "name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "product_id": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1.el7sso?arch=noarch" } } }, { "category": "product_version", "name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "product": { "name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "product_id": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-sso7-keycloak-server@18.0.6-1.redhat_00001.1.el7sso?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch as a component of Red Hat Single Sign-On 7.6 for RHEL 7 Server", "product_id": "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch" }, "product_reference": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "relates_to_product_reference": "7Server-RHSSO-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src as a component of Red Hat Single Sign-On 7.6 for RHEL 7 Server", "product_id": "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src" }, "product_reference": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "relates_to_product_reference": "7Server-RHSSO-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch as a component of Red Hat Single Sign-On 7.6 for RHEL 7 Server", "product_id": "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" }, "product_reference": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "relates_to_product_reference": "7Server-RHSSO-7.6" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-14040", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2018-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1601614" } ], "notes": [ { "category": "description", "text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-14040" }, { "category": "external", "summary": "RHBZ#1601614", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14040" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040" } ], "release_date": "2018-05-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute" }, { "cve": "CVE-2018-14042", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2018-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1601617" } ], "notes": [ { "category": "description", "text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-14042" }, { "category": "external", "summary": "RHBZ#1601617", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14042" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042" } ], "release_date": "2018-05-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip" }, { "cve": "CVE-2019-11358", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-03-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1701972" } ], "notes": [ { "category": "description", "text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-11358" }, { "category": "external", "summary": "RHBZ#1701972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11358" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358" }, { "category": "external", "summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", "url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/" }, { "category": "external", "summary": "https://www.drupal.org/sa-core-2019-006", "url": "https://www.drupal.org/sa-core-2019-006" } ], "release_date": "2019-03-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection" }, { "cve": "CVE-2020-11022", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-04-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1828406" } ], "notes": [ { "category": "description", "text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method", "title": "Vulnerability summary" }, { "category": "other", "text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11022" }, { "category": "external", "summary": "RHBZ#1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11022" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2", "url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2" } ], "release_date": "2020-04-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method" }, { "cve": "CVE-2020-11023", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1850004" } ], "notes": [ { "category": "description", "text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11023" }, { "category": "external", "summary": "RHBZ#1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023" }, { "category": "external", "summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/" } ], "release_date": "2020-04-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods" }, { "cve": "CVE-2021-35065", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-12-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2156324" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "glob-parent: Regular Expression Denial of Service", "title": "Vulnerability summary" }, { "category": "other", "text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-35065" }, { "category": "external", "summary": "RHBZ#2156324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065", "url": "https://www.cve.org/CVERecord?id=CVE-2021-35065" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065" }, { "category": "external", "summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294", "url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294" } ], "release_date": "2022-12-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "glob-parent: Regular Expression Denial of Service" }, { "cve": "CVE-2021-44906", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-03-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2066009" } ], "notes": [ { "category": "description", "text": "An Uncontrolled Resource Consumption flaw was found in minimist. This flaw allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "minimist: prototype pollution", "title": "Vulnerability summary" }, { "category": "other", "text": "The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. While this flaw (CVE-2021-44906) enables attackers to control objects that they should not have access to, actual exploitation would still require a chain of independent flaws. Even though the CVSS for CVE-2021-44906 is higher than CVE-2020-7598, they are both rated as having Moderate impact.\n\nWithin Red Hat Satellite 6 this flaw has been rated as having a security impact of Low. It is not currently planned to be addressed there, as the minimist library is only included in the -doc subpackage and is part of test fixtures that are not in the execution path used by the rabl gem.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44906" }, { "category": "external", "summary": "RHBZ#2066009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44906", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44906" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-xvch-5gv4-984h", "url": "https://github.com/advisories/GHSA-xvch-5gv4-984h" } ], "release_date": "2022-03-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "minimist: prototype pollution" }, { "acknowledgments": [ { "names": [ "Marcus Nilsson" ], "organization": "usd AG" } ], "cve": "CVE-2022-1274", "cwe": { "id": "CWE-80", "name": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)" }, "discovery_date": "2022-04-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2073157" } ], "notes": [ { "category": "description", "text": "A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: HTML injection in execute-actions-email Admin REST API", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-1274" }, { "category": "external", "summary": "RHBZ#2073157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1274", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1274" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274" }, { "category": "external", "summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725", "url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725" } ], "release_date": "2023-02-28T18:57:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N", "version": "3.1" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "keycloak: HTML injection in execute-actions-email Admin REST API" }, { "acknowledgments": [ { "names": [ "Grzegorz Tworek" ], "organization": "SISOFT s.c." } ], "cve": "CVE-2022-1438", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2021-12-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2031904" } ], "notes": [ { "category": "description", "text": "A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: XSS on impersonation under specific circumstances", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-1438" }, { "category": "external", "summary": "RHBZ#2031904", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1438", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1438" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438" } ], "release_date": "2023-02-28T18:56:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "keycloak: XSS on impersonation under specific circumstances" }, { "cve": "CVE-2022-1471", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-12-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2150009" } ], "notes": [ { "category": "description", "text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).", "title": "Vulnerability description" }, { "category": "summary", "text": "SnakeYaml: Constructor Deserialization Remote Code Execution", "title": "Vulnerability summary" }, { "category": "other", "text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-1471" }, { "category": "external", "summary": "RHBZ#2150009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1471" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471" }, { "category": "external", "summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2", "url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2" } ], "release_date": "2022-10-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "SnakeYaml: Constructor Deserialization Remote Code Execution" }, { "cve": "CVE-2022-2764", "discovery_date": "2022-08-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2117506" } ], "notes": [ { "category": "description", "text": "A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LAST_CHUNK from the bytes, causing a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-2764" }, { "category": "external", "summary": "RHBZ#2117506", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-2764", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2764" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764" } ], "release_date": "2022-08-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations" }, { "acknowledgments": [ { "names": [ "Peter Flintholm" ], "organization": "Trifork" } ], "cve": "CVE-2022-3916", "cwe": { "id": "CWE-384", "name": "Session Fixation" }, "discovery_date": "2022-11-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2141404" } ], "notes": [ { "category": "description", "text": "A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: Session takeover with OIDC offline refreshtokens", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-3916" }, { "category": "external", "summary": "RHBZ#2141404", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3916", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3916" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916" } ], "release_date": "2022-11-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "keycloak: Session takeover with OIDC offline refreshtokens" }, { "cve": "CVE-2022-4137", "cwe": { "id": "CWE-81", "name": "Improper Neutralization of Script in an Error Message Web Page" }, "discovery_date": "2022-11-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2148496" } ], "notes": [ { "category": "description", "text": "A reflected cross-site scripting (XSS) vulnerability was found in the \u0027oob\u0027 OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be vulnerable. This may compromise user details, allowing it to be changed or collected by an attacker.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: reflected XSS attack", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-4137" }, { "category": "external", "summary": "RHBZ#2148496", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-4137", "url": "https://www.cve.org/CVERecord?id=CVE-2022-4137" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137" } ], "release_date": "2023-03-01T13:56:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "keycloak: reflected XSS attack" }, { "cve": "CVE-2022-24785", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2022-04-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2072009" } ], "notes": [ { "category": "description", "text": "A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "Moment.js: Path traversal in moment.locale", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-24785" }, { "category": "external", "summary": "RHBZ#2072009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24785", "url": "https://www.cve.org/CVERecord?id=CVE-2022-24785" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785" }, { "category": "external", "summary": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4", "url": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4" } ], "release_date": "2022-04-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" }, { "category": "workaround", "details": "Sanitize the user-provided locale name before passing it to Moment.js.", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Moment.js: Path traversal in moment.locale" }, { "cve": "CVE-2022-25857", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-09-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2126789" } ], "notes": [ { "category": "description", "text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.", "title": "Vulnerability description" }, { "category": "summary", "text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections", "title": "Vulnerability summary" }, { "category": "other", "text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-25857" }, { "category": "external", "summary": "RHBZ#2126789", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857", "url": "https://www.cve.org/CVERecord?id=CVE-2022-25857" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857" }, { "category": "external", "summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525", "url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525" } ], "release_date": "2022-08-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections" }, { "cve": "CVE-2022-31129", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-07-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2105075" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "moment: inefficient parsing algorithm resulting in DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Fuse provides the affected software but does not use the functionality and as such its impact has been downgraded to Low.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships a vulnerable version of the moment library. However, this affected functionality is restricted behind OAuth, reducing the impact to Moderate.\n\nRed Hat Satellite ships a vulnerable version of the moment library. However, this only affects a specific component (qpid-dispatch), reducing the impact to Moderate.\n\nRed Hat Ceph Storage (RHCS) ships a vulnerable version of the moment library, however, it is not directly used and is a transitive dependency from Angular. In addition, the impact would only be to the grafana browser, and not the underlying RHCS system, which reduces the impact to Moderate. \n\nRed Hat OpenShift Service Mesh (OSSM) ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nRed Hat OpenShift distributed tracing ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nIn Logging Subsystem for Red Hat OpenShift the vulnerable moment nodejs package is bundled in the ose-logging-kibana6 container as a transitive dependency, hence the direct impact is reduced to Moderate.\n\nIn OpenShift Container Platform 4 the vulnerabile moment package is a third party dependency, hence the direct impact is reduced to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-31129" }, { "category": "external", "summary": "RHBZ#2105075", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-31129", "url": "https://www.cve.org/CVERecord?id=CVE-2022-31129" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129" }, { "category": "external", "summary": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g", "url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g" } ], "release_date": "2022-07-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "moment: inefficient parsing algorithm resulting in DoS" }, { "cve": "CVE-2022-37603", "cwe": { "id": "CWE-185", "name": "Incorrect Regular Expression" }, "discovery_date": "2022-11-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2140597" } ], "notes": [ { "category": "description", "text": "A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.", "title": "Vulnerability description" }, { "category": "summary", "text": "loader-utils: Regular expression denial of service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-37603" }, { "category": "external", "summary": "RHBZ#2140597", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-37603", "url": "https://www.cve.org/CVERecord?id=CVE-2022-37603" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603" } ], "release_date": "2022-10-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "loader-utils: Regular expression denial of service" }, { "cve": "CVE-2022-38749", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-09-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2129706" } ], "notes": [ { "category": "description", "text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-38749" }, { "category": "external", "summary": "RHBZ#2129706", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749", "url": "https://www.cve.org/CVERecord?id=CVE-2022-38749" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749" } ], "release_date": "2022-09-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode" }, { "cve": "CVE-2022-38750", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-09-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2129707" } ], "notes": [ { "category": "description", "text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-38750" }, { "category": "external", "summary": "RHBZ#2129707", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-38750", "url": "https://www.cve.org/CVERecord?id=CVE-2022-38750" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750" } ], "release_date": "2022-09-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject" }, { "cve": "CVE-2022-38751", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-09-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2129709" } ], "notes": [ { "category": "description", "text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-38751" }, { "category": "external", "summary": "RHBZ#2129709", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-38751", "url": "https://www.cve.org/CVERecord?id=CVE-2022-38751" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751" } ], "release_date": "2022-09-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match" }, { "cve": "CVE-2022-40149", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-10-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135771" } ], "notes": [ { "category": "description", "text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "jettison: parser crash by stackoverflow", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-40149" }, { "category": "external", "summary": "RHBZ#2135771", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149", "url": "https://www.cve.org/CVERecord?id=CVE-2022-40149" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149" }, { "category": "external", "summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1", "url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1" } ], "release_date": "2022-09-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jettison: parser crash by stackoverflow" }, { "cve": "CVE-2022-40150", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-10-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135770" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "jettison: memory exhaustion via user-supplied XML or JSON data", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-40150" }, { "category": "external", "summary": "RHBZ#2135770", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150", "url": "https://www.cve.org/CVERecord?id=CVE-2022-40150" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150" }, { "category": "external", "summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1", "url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1" } ], "release_date": "2022-09-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jettison: memory exhaustion via user-supplied XML or JSON data" }, { "cve": "CVE-2022-42003", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-10-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135244" } ], "notes": [ { "category": "description", "text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-42003" }, { "category": "external", "summary": "RHBZ#2135244", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42003" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003" } ], "release_date": "2022-10-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS" }, { "cve": "CVE-2022-42004", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-10-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135247" } ], "notes": [ { "category": "description", "text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: use of deeply nested arrays", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-42004" }, { "category": "external", "summary": "RHBZ#2135247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42004" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004" } ], "release_date": "2022-10-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: use of deeply nested arrays" }, { "cve": "CVE-2022-45047", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-11-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2145194" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.", "title": "Vulnerability description" }, { "category": "summary", "text": "mina-sshd: Java unsafe deserialization vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-45047" }, { "category": "external", "summary": "RHBZ#2145194", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047", "url": "https://www.cve.org/CVERecord?id=CVE-2022-45047" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047" }, { "category": "external", "summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html", "url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html" } ], "release_date": "2022-11-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" }, { "category": "workaround", "details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "mina-sshd: Java unsafe deserialization vulnerability" }, { "cve": "CVE-2022-45693", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-12-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2155970" } ], "notes": [ { "category": "description", "text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-45693" }, { "category": "external", "summary": "RHBZ#2155970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693", "url": "https://www.cve.org/CVERecord?id=CVE-2022-45693" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693" } ], "release_date": "2022-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos" }, { "cve": "CVE-2022-46175", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-12-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2156263" } ], "notes": [ { "category": "description", "text": "A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.", "title": "Vulnerability description" }, { "category": "summary", "text": "json5: Prototype Pollution in JSON5 via Parse Method", "title": "Vulnerability summary" }, { "category": "other", "text": "The json5 package is a build-time dependency in Red Hat products and is not used in production runtime. Hence, the impact is set to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-46175" }, { "category": "external", "summary": "RHBZ#2156263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-46175", "url": "https://www.cve.org/CVERecord?id=CVE-2022-46175" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175" }, { "category": "external", "summary": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h", "url": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h" } ], "release_date": "2022-12-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "json5: Prototype Pollution in JSON5 via Parse Method" }, { "cve": "CVE-2022-46363", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2022-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2155681" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.", "title": "Vulnerability description" }, { "category": "summary", "text": "CXF: directory listing / code exfiltration", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-46363" }, { "category": "external", "summary": "RHBZ#2155681", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-46363", "url": "https://www.cve.org/CVERecord?id=CVE-2022-46363" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363" }, { "category": "external", "summary": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c", "url": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c" } ], "release_date": "2022-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "CXF: directory listing / code exfiltration" }, { "cve": "CVE-2022-46364", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "discovery_date": "2022-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2155682" } ], "notes": [ { "category": "description", "text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.", "title": "Vulnerability description" }, { "category": "summary", "text": "CXF: SSRF Vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-46364" }, { "category": "external", "summary": "RHBZ#2155682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364", "url": "https://www.cve.org/CVERecord?id=CVE-2022-46364" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364" }, { "category": "external", "summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2", "url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2" } ], "release_date": "2022-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "CXF: SSRF Vulnerability" }, { "acknowledgments": [ { "names": [ "Sourav Kumar" ], "organization": "https://github.com/souravs17031999", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-0091", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2022-10-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2158585" } ], "notes": [ { "category": "description", "text": "A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: Client Registration endpoint does not check token revocation", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0091" }, { "category": "external", "summary": "RHBZ#2158585", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0091", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0091" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091" }, { "category": "external", "summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg", "url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg" }, { "category": "external", "summary": "https://github.com/keycloak/security/issues/27", "url": "https://github.com/keycloak/security/issues/27" } ], "release_date": "2022-10-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.8, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "keycloak: Client Registration endpoint does not check token revocation" }, { "acknowledgments": [ { "names": [ "Jordi Zayuelas i Mu\u00f1oz" ], "organization": "A1 Digital", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-0264", "cwe": { "id": "CWE-303", "name": "Incorrect Implementation of Authentication Algorithm" }, "discovery_date": "2023-01-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2160585" } ], "notes": [ { "category": "description", "text": "A flaw was found in Keycloak\u0027s OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, Integrity, and availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: user impersonation via stolen uuid code", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0264" }, { "category": "external", "summary": "RHBZ#2160585", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0264", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0264" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264" } ], "release_date": "2023-02-28T18:58:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T22:02:40+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src", "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "keycloak: user impersonation via stolen uuid code" } ] }
rhsa-2022_7343
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for pcs is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.\n\nSecurity Fix(es):\n\n* rubygem-rack: crafted requests can cause shell escape sequences (CVE-2022-30123)\n\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2022:7343", "url": "https://access.redhat.com/errata/RHSA-2022:7343" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1701972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" }, { "category": "external", "summary": "2099524", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099524" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_7343.json" } ], "title": "Red Hat Security Advisory: pcs security update", "tracking": { "current_release_date": "2024-11-15T08:45:36+00:00", "generator": { "date": "2024-11-15T08:45:36+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2022:7343", "initial_release_date": "2022-11-02T16:34:31+00:00", "revision_history": [ { "date": "2022-11-02T16:34:31+00:00", "number": "1", "summary": "Initial version" }, { "date": "2022-11-02T16:34:31+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T08:45:36+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Server High Availability (v. 7)", "product": { "name": "Red Hat Enterprise Linux Server High Availability (v. 7)", "product_id": "7Server-HighAvailability-7.9.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Resilient Storage (v. 7)", "product": { "name": "Red Hat Enterprise Linux Server Resilient Storage (v. 7)", "product_id": "7Server-ResilientStorage-7.9.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "pcs-0:0.9.169-3.el7_9.3.src", "product": { "name": "pcs-0:0.9.169-3.el7_9.3.src", "product_id": "pcs-0:0.9.169-3.el7_9.3.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/pcs@0.9.169-3.el7_9.3?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "pcs-0:0.9.169-3.el7_9.3.x86_64", "product": { "name": "pcs-0:0.9.169-3.el7_9.3.x86_64", "product_id": "pcs-0:0.9.169-3.el7_9.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pcs@0.9.169-3.el7_9.3?arch=x86_64" } } }, { "category": "product_version", "name": "pcs-snmp-0:0.9.169-3.el7_9.3.x86_64", "product": { "name": "pcs-snmp-0:0.9.169-3.el7_9.3.x86_64", "product_id": "pcs-snmp-0:0.9.169-3.el7_9.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pcs-snmp@0.9.169-3.el7_9.3?arch=x86_64" } } }, { "category": "product_version", "name": "pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64", "product": { "name": "pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64", "product_id": "pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pcs-debuginfo@0.9.169-3.el7_9.3?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "pcs-0:0.9.169-3.el7_9.3.s390x", "product": { "name": "pcs-0:0.9.169-3.el7_9.3.s390x", "product_id": "pcs-0:0.9.169-3.el7_9.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/pcs@0.9.169-3.el7_9.3?arch=s390x" } } }, { "category": "product_version", "name": "pcs-snmp-0:0.9.169-3.el7_9.3.s390x", "product": { "name": "pcs-snmp-0:0.9.169-3.el7_9.3.s390x", "product_id": "pcs-snmp-0:0.9.169-3.el7_9.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/pcs-snmp@0.9.169-3.el7_9.3?arch=s390x" } } }, { "category": "product_version", "name": "pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x", "product": { "name": "pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x", "product_id": "pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/pcs-debuginfo@0.9.169-3.el7_9.3?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "pcs-0:0.9.169-3.el7_9.3.ppc64le", "product": { "name": "pcs-0:0.9.169-3.el7_9.3.ppc64le", "product_id": "pcs-0:0.9.169-3.el7_9.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/pcs@0.9.169-3.el7_9.3?arch=ppc64le" } } }, { "category": "product_version", "name": "pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le", "product": { "name": "pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le", "product_id": "pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/pcs-snmp@0.9.169-3.el7_9.3?arch=ppc64le" } } }, { "category": "product_version", "name": "pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le", "product": { "name": "pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le", "product_id": "pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/pcs-debuginfo@0.9.169-3.el7_9.3?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "pcs-0:0.9.169-3.el7_9.3.ppc64le as a component of Red Hat Enterprise Linux Server High Availability (v. 7)", "product_id": "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le" }, "product_reference": "pcs-0:0.9.169-3.el7_9.3.ppc64le", "relates_to_product_reference": "7Server-HighAvailability-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-0:0.9.169-3.el7_9.3.s390x as a component of Red Hat Enterprise Linux Server High Availability (v. 7)", "product_id": "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x" }, "product_reference": "pcs-0:0.9.169-3.el7_9.3.s390x", "relates_to_product_reference": "7Server-HighAvailability-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-0:0.9.169-3.el7_9.3.src as a component of Red Hat Enterprise Linux Server High Availability (v. 7)", "product_id": "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src" }, "product_reference": "pcs-0:0.9.169-3.el7_9.3.src", "relates_to_product_reference": "7Server-HighAvailability-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-0:0.9.169-3.el7_9.3.x86_64 as a component of Red Hat Enterprise Linux Server High Availability (v. 7)", "product_id": "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64" }, "product_reference": "pcs-0:0.9.169-3.el7_9.3.x86_64", "relates_to_product_reference": "7Server-HighAvailability-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le as a component of Red Hat Enterprise Linux Server High Availability (v. 7)", "product_id": "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le" }, "product_reference": "pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le", "relates_to_product_reference": "7Server-HighAvailability-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x as a component of Red Hat Enterprise Linux Server High Availability (v. 7)", "product_id": "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x" }, "product_reference": "pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x", "relates_to_product_reference": "7Server-HighAvailability-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64 as a component of Red Hat Enterprise Linux Server High Availability (v. 7)", "product_id": "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64" }, "product_reference": "pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64", "relates_to_product_reference": "7Server-HighAvailability-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le as a component of Red Hat Enterprise Linux Server High Availability (v. 7)", "product_id": "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le" }, "product_reference": "pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le", "relates_to_product_reference": "7Server-HighAvailability-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-snmp-0:0.9.169-3.el7_9.3.s390x as a component of Red Hat Enterprise Linux Server High Availability (v. 7)", "product_id": "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x" }, "product_reference": "pcs-snmp-0:0.9.169-3.el7_9.3.s390x", "relates_to_product_reference": "7Server-HighAvailability-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-snmp-0:0.9.169-3.el7_9.3.x86_64 as a component of Red Hat Enterprise Linux Server High Availability (v. 7)", "product_id": "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64" }, "product_reference": "pcs-snmp-0:0.9.169-3.el7_9.3.x86_64", "relates_to_product_reference": "7Server-HighAvailability-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-0:0.9.169-3.el7_9.3.ppc64le as a component of Red Hat Enterprise Linux Server Resilient Storage (v. 7)", "product_id": "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le" }, "product_reference": "pcs-0:0.9.169-3.el7_9.3.ppc64le", "relates_to_product_reference": "7Server-ResilientStorage-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-0:0.9.169-3.el7_9.3.s390x as a component of Red Hat Enterprise Linux Server Resilient Storage (v. 7)", "product_id": "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x" }, "product_reference": "pcs-0:0.9.169-3.el7_9.3.s390x", "relates_to_product_reference": "7Server-ResilientStorage-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-0:0.9.169-3.el7_9.3.src as a component of Red Hat Enterprise Linux Server Resilient Storage (v. 7)", "product_id": "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src" }, "product_reference": "pcs-0:0.9.169-3.el7_9.3.src", "relates_to_product_reference": "7Server-ResilientStorage-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-0:0.9.169-3.el7_9.3.x86_64 as a component of Red Hat Enterprise Linux Server Resilient Storage (v. 7)", "product_id": "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64" }, "product_reference": "pcs-0:0.9.169-3.el7_9.3.x86_64", "relates_to_product_reference": "7Server-ResilientStorage-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le as a component of Red Hat Enterprise Linux Server Resilient Storage (v. 7)", "product_id": "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le" }, "product_reference": "pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le", "relates_to_product_reference": "7Server-ResilientStorage-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x as a component of Red Hat Enterprise Linux Server Resilient Storage (v. 7)", "product_id": "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x" }, "product_reference": "pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x", "relates_to_product_reference": "7Server-ResilientStorage-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64 as a component of Red Hat Enterprise Linux Server Resilient Storage (v. 7)", "product_id": "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64" }, "product_reference": "pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64", "relates_to_product_reference": "7Server-ResilientStorage-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le as a component of Red Hat Enterprise Linux Server Resilient Storage (v. 7)", "product_id": "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le" }, "product_reference": "pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le", "relates_to_product_reference": "7Server-ResilientStorage-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-snmp-0:0.9.169-3.el7_9.3.s390x as a component of Red Hat Enterprise Linux Server Resilient Storage (v. 7)", "product_id": "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x" }, "product_reference": "pcs-snmp-0:0.9.169-3.el7_9.3.s390x", "relates_to_product_reference": "7Server-ResilientStorage-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "pcs-snmp-0:0.9.169-3.el7_9.3.x86_64 as a component of Red Hat Enterprise Linux Server Resilient Storage (v. 7)", "product_id": "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64" }, "product_reference": "pcs-snmp-0:0.9.169-3.el7_9.3.x86_64", "relates_to_product_reference": "7Server-ResilientStorage-7.9.Z" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-11358", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-03-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1701972" } ], "notes": [ { "category": "description", "text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le", "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x", "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src", "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64", "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le", "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x", "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64", "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le", "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x", "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64", "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le", "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x", "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64", "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le", "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x", "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-11358" }, { "category": "external", "summary": "RHBZ#1701972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11358" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358" }, { "category": "external", "summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", "url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/" }, { "category": "external", "summary": "https://www.drupal.org/sa-core-2019-006", "url": "https://www.drupal.org/sa-core-2019-006" } ], "release_date": "2019-03-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-02T16:34:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le", "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x", "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src", "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64", "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le", "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x", "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64", "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le", "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x", "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64", "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le", "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x", "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64", "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le", "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x", "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:7343" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le", "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x", "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src", "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64", "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le", "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x", "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64", "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le", "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x", "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64", "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le", "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x", "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64", "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le", "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x", "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection" }, { "cve": "CVE-2020-11023", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1850004" } ], "notes": [ { "category": "description", "text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le", "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x", "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src", "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64", "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le", "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x", "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64", "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le", "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x", "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64", "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le", "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x", "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64", "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le", "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x", "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11023" }, { "category": "external", "summary": "RHBZ#1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023" }, { "category": "external", "summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/" } ], "release_date": "2020-04-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-02T16:34:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le", "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x", "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src", "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64", "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le", "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x", "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64", "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le", "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x", "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64", "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le", "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x", "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64", "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le", "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x", "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:7343" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le", "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x", "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src", "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64", "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le", "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x", "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64", "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le", "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x", "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64", "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le", "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x", "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64", "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le", "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x", "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods" }, { "cve": "CVE-2022-30123", "cwe": { "id": "CWE-179", "name": "Incorrect Behavior Order: Early Validation" }, "discovery_date": "2022-06-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2099524" } ], "notes": [ { "category": "description", "text": "A flaw was found in ruby gem-rack. This flaw allows a malicious actor to craft requests that can cause shell escape sequences to be written to the terminal via rack\u0027s `Lint` middleware and `CommonLogger` middleware. This issue can leverage these escape sequences to execute commands in the victim\u0027s terminal.", "title": "Vulnerability description" }, { "category": "summary", "text": "rubygem-rack: crafted requests can cause shell escape sequences", "title": "Vulnerability summary" }, { "category": "other", "text": "- Because Red Hat OpenStack Platform 13.0 Operational Tools packaged the flawed code, but does not use its functionality, its Impact has been reduced to \u0027Low\u0027.\n- To exploit this vulnerability, applications should have either of these middlewares \u0027Lint\u0027 or \u0027CommonLogger\u0027 installed, and vulnerable apps may have something like this: \n\u0027use Rack::Lint\u0027 OR \u0027use Rack::CommonLogger\u0027\nThe Red Hat products use the flawed code but don\u0027t use its functionality, Hence, the impact is set to Important.\n- Logging Subsystem for Red Hat OpenShift uses the vulnerable ruby gem-rack package in the openshift-logging/fluentd-rhel8 component to instantiate client-to-server communication. But, this component cannot receive any requests so exploitation by crafted request consumption is not possible. Therefore the impact of this vulnerability on the Logging Subsystem for Red Hat OpenShift is reduced to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le", "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x", "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src", "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64", "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le", "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x", "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64", "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le", "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x", "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64", "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le", "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x", "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64", "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le", "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x", "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-30123" }, { "category": "external", "summary": "RHBZ#2099524", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099524" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-30123", "url": "https://www.cve.org/CVERecord?id=CVE-2022-30123" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30123", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30123" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-wq4h-7r42-5hrr", "url": "https://github.com/advisories/GHSA-wq4h-7r42-5hrr" } ], "release_date": "2022-05-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-02T16:34:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le", "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x", "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src", "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64", "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le", "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x", "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64", "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le", "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x", "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64", "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le", "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x", "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64", "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le", "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x", "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:7343" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le", "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x", "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src", "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64", "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le", "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x", "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64", "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le", "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x", "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src", "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64", "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le", "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x", "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64", "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le", "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x", "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "rubygem-rack: crafted requests can cause shell escape sequences" } ] }
rhsa-2020_5249
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat Ansible Tower 3.7.4-1 - RHEL7 Container", "title": "Topic" }, { "category": "general", "text": "* Fixed two jQuery vulnerabilities (CVE-2020-11022, CVE-2020-11023)\n* Improved Ansible Tower\u0027s web service configuration to allow for processing more simultaneous HTTP(s) requests by default\n* Updated several dependencies of Ansible Tower\u0027s User Interface to address (CVE-2020-7720, CVE-2020-7743, CVE-2020-7676)\n* Updated to the latest version of python-psutil to address CVE-2019-18874\n* Added several optimizations to improve performance for a variety of high-load simultaneous job launch use cases\n* Fixed workflows to no longer prevent certain users from being able to edit approval nodes\n* Fixed confusing behavior for social auth logins across distinct browser tabs\n* Fixed launching of Job Templates that use prompt-at-launch Ansible Vault credentials", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:5249", "url": "https://access.redhat.com/errata/RHSA-2020:5249" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5249.json" } ], "title": "Red Hat Security Advisory: security update - Red Hat Ansible Tower 3.7.4-1 - RHEL7 Container", "tracking": { "current_release_date": "2024-11-15T08:40:22+00:00", "generator": { "date": "2024-11-15T08:40:22+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:5249", "initial_release_date": "2020-11-30T14:12:30+00:00", "revision_history": [ { "date": "2020-11-30T14:12:30+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-11-30T14:12:30+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T08:40:22+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Ansible Tower 3.7 for RHEL 7", "product": { "name": "Red Hat Ansible Tower 3.7 for RHEL 7", "product_id": "7Server-Ansible-Tower-3.7", "product_identification_helper": { "cpe": "cpe:/a:redhat:ansible_tower:3.7::el7" } } } ], "category": "product_family", "name": "Red Hat Ansible Tower" }, { "branches": [ { "category": "product_version", "name": "ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64", "product": { "name": "ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64", "product_id": "ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64", "product_identification_helper": { "purl": "pkg:oci/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5?arch=amd64\u0026repository_url=registry.redhat.io/ansible-tower-37/ansible-tower-rhel7\u0026tag=3.7.4-1" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64 as a component of Red Hat Ansible Tower 3.7 for RHEL 7", "product_id": "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64" }, "product_reference": "ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64", "relates_to_product_reference": "7Server-Ansible-Tower-3.7" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Riccardo Schirone" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2019-18874", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2019-11-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1772014" } ], "notes": [ { "category": "description", "text": "A double free issue has been discovered in python-psutil because of the mishandling of refcounts while converting system data into Python objects in functions like psutil_disk_partitions(), psutil_users(), psutil_net_if_addrs(), and others. In particular cases, a local attacker may be able to get code execution by manipulating system resources that python-psutil then tries to convert.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-psutil: Double free because of refcount mishandling", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-18874" }, { "category": "external", "summary": "RHBZ#1772014", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772014" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-18874", "url": "https://www.cve.org/CVERecord?id=CVE-2019-18874" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-18874", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18874" } ], "release_date": "2019-11-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-30T14:12:30+00:00", "details": "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", "product_ids": [ "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:5249" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python-psutil: Double free because of refcount mishandling" }, { "cve": "CVE-2020-7676", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1849206" } ], "notes": [ { "category": "description", "text": "A XSS flaw was found in nodejs-angular. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping \"\\\u003coption\\\u003e\" elements in \"\\\u003cselect\\\u003e\" ones changes parsing behavior, leading to possibly unsanitizing code.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-angular: XSS due to regex-based HTML replacement", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-7676" }, { "category": "external", "summary": "RHBZ#1849206", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849206" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-7676", "url": "https://www.cve.org/CVERecord?id=CVE-2020-7676" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7676", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7676" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-ANGULAR-570058", "url": "https://snyk.io/vuln/SNYK-JS-ANGULAR-570058" } ], "release_date": "2020-05-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-30T14:12:30+00:00", "details": "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", "product_ids": [ "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:5249" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-angular: XSS due to regex-based HTML replacement" }, { "cve": "CVE-2020-7720", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-09-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1874606" } ], "notes": [ { "category": "description", "text": "A flaw was found in nodejs-node-forge. A Prototype Pollution via the util.setPath function is possible.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-node-forge: prototype pollution via the util.setPath function", "title": "Vulnerability summary" }, { "category": "other", "text": "In Red Hat Openshift Container Storage 4 the noobaa-core container includes the affected version of node-forge as a dependency of google-p12-pem, however the vulnerable function `util.setPath` is not being used and hence this issue has been rated as having a security impact of Low.\n\nIn OpenShift Container Platform (OCP) the prometheus container is behind OpenShift OAuth restricting access to the vulnerable node-forge library to authenticated users only, therefore the impact is Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-7720" }, { "category": "external", "summary": "RHBZ#1874606", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874606" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-7720", "url": "https://www.cve.org/CVERecord?id=CVE-2020-7720" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7720", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7720" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-NODEFORGE-598677", "url": "https://snyk.io/vuln/SNYK-JS-NODEFORGE-598677" } ], "release_date": "2020-09-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-30T14:12:30+00:00", "details": "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", "product_ids": [ "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:5249" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-node-forge: prototype pollution via the util.setPath function" }, { "cve": "CVE-2020-7743", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-10-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1887999" } ], "notes": [ { "category": "description", "text": "The package mathjs before 7.5.1 are vulnerable to Prototype Pollution via the deepExtend function that runs upon configuration updates.", "title": "Vulnerability description" }, { "category": "summary", "text": "mathjs: prototype pollution via the deepExtend function that runs upon configuration updates", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-7743" }, { "category": "external", "summary": "RHBZ#1887999", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887999" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-7743", "url": "https://www.cve.org/CVERecord?id=CVE-2020-7743" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7743", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7743" } ], "release_date": "2020-10-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-30T14:12:30+00:00", "details": "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", "product_ids": [ "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:5249" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mathjs: prototype pollution via the deepExtend function that runs upon configuration updates" }, { "cve": "CVE-2020-11022", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-04-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1828406" } ], "notes": [ { "category": "description", "text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method", "title": "Vulnerability summary" }, { "category": "other", "text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11022" }, { "category": "external", "summary": "RHBZ#1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11022" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2", "url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2" } ], "release_date": "2020-04-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-30T14:12:30+00:00", "details": "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", "product_ids": [ "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:5249" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method" }, { "cve": "CVE-2020-11023", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1850004" } ], "notes": [ { "category": "description", "text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11023" }, { "category": "external", "summary": "RHBZ#1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023" }, { "category": "external", "summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/" } ], "release_date": "2020-04-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-30T14:12:30+00:00", "details": "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", "product_ids": [ "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:5249" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods" } ] }
rhsa-2020_3247
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated ovirt-engine packages that fix several bugs and add various enhancements are now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The ovirt-engine package provides the Red Hat Virtualization Manager, a\ncentralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning. \n\nThe Manager is a JBoss Application Server application that provides several interfaces through which the virtual environment can be accessed and interacted with, including an Administration Portal, a VM Portal, and a Representational State Transfer (REST) Application Programming Interface (API).\n\nA list of bugs fixed in this update is available in the Technical Notes\nbook:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes\n\nSecurity Fix(es):\n\n* apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default (CVE-2019-10086)\n\n* libquartz: XXE attacks via job description (CVE-2019-13990)\n\n* novnc: XSS vulnerability via the messages propagated to the status field (CVE-2017-18635)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* nimbus-jose-jwt: Uncaught exceptions while parsing a JWT (CVE-2019-17195)\n\n* ovirt-engine: response_type parameter allows reflected XSS (CVE-2019-19336)\n\n* nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload (CVE-2020-7598)\n\n* ovirt-engine: Redirect to arbitrary URL allows for phishing (CVE-2020-10775)\n\n* Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* jQuery: passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:3247", "url": "https://access.redhat.com/errata/RHSA-2020:3247" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.3/html-single/technical_notes", "url": "https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.3/html-single/technical_notes" }, { "category": "external", "summary": "1080097", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1080097" }, { "category": "external", "summary": "1325468", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1325468" }, { "category": "external", "summary": "1358501", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1358501" }, { "category": "external", "summary": "1427717", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1427717" }, { "category": "external", "summary": "1475774", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1475774" }, { "category": "external", "summary": "1507438", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1507438" }, { "category": "external", "summary": "1523835", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523835" }, { "category": "external", "summary": "1527843", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1527843" }, { "category": "external", "summary": "1529042", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1529042" }, { "category": "external", "summary": "1535796", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535796" }, { "category": "external", "summary": "1546838", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1546838" }, { "category": "external", "summary": "1547937", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1547937" }, { "category": "external", "summary": "1585986", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1585986" }, { "category": "external", "summary": "1593800", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1593800" }, { "category": "external", "summary": "1596178", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596178" }, { "category": "external", "summary": "1600059", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1600059" }, { "category": "external", "summary": "1610212", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1610212" }, { "category": "external", "summary": "1611395", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1611395" }, { "category": "external", "summary": "1616451", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616451" }, { "category": "external", "summary": "1637172", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1637172" }, { "category": "external", "summary": "1640908", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1640908" }, { "category": "external", "summary": "1642273", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1642273" }, { "category": "external", "summary": "1647440", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1647440" }, { "category": "external", "summary": "1648345", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1648345" }, { "category": "external", "summary": "1650417", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1650417" }, { "category": "external", "summary": "1650505", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1650505" }, { "category": "external", "summary": "1651406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1651406" }, { "category": "external", "summary": "1651939", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1651939" }, { "category": "external", "summary": "1654069", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1654069" }, { "category": "external", "summary": "1654889", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1654889" }, { "category": "external", "summary": "1656621", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1656621" }, { "category": "external", "summary": "1658101", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1658101" }, { "category": "external", "summary": "1659161", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1659161" }, { "category": "external", "summary": "1660071", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660071" }, { "category": "external", "summary": "1660644", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660644" }, { "category": "external", "summary": "1663366", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663366" }, { "category": "external", "summary": "1664479", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1664479" }, { "category": "external", "summary": "1666913", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666913" }, { "category": "external", "summary": "1670102", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670102" }, { "category": "external", "summary": "1671876", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671876" }, { "category": "external", "summary": "1679039", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1679039" }, { "category": "external", "summary": "1679110", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1679110" }, { "category": "external", "summary": "1679471", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1679471" }, { "category": "external", "summary": "1679730", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1679730" }, { "category": "external", "summary": "1686454", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454" }, { "category": "external", "summary": "1686650", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686650" }, { "category": "external", "summary": "1687345", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1687345" }, { "category": "external", "summary": "1690026", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1690026" }, { "category": "external", "summary": "1690155", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1690155" }, { "category": "external", "summary": "1690475", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1690475" }, { "category": "external", "summary": "1691562", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1691562" }, { "category": "external", "summary": "1692592", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1692592" }, { "category": "external", "summary": "1693628", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1693628" }, { "category": "external", "summary": "1693813", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1693813" }, { "category": "external", "summary": "1695026", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695026" }, { "category": "external", "summary": "1695635", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695635" }, { "category": "external", "summary": "1696245", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1696245" }, { "category": "external", "summary": "1696669", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1696669" }, { "category": "external", "summary": "1696676", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1696676" }, { "category": "external", "summary": "1698009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1698009" }, { "category": "external", "summary": "1698102", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1698102" }, { "category": "external", "summary": "1700021", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1700021" }, { "category": "external", "summary": "1700036", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1700036" }, { "category": "external", "summary": "1700319", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1700319" }, { "category": "external", "summary": "1700338", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1700338" }, { "category": "external", "summary": "1700725", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1700725" }, { "category": "external", "summary": "1700867", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1700867" }, { "category": "external", "summary": "1701476", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701476" }, { "category": "external", "summary": "1701491", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701491" }, { "category": "external", "summary": "1701522", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701522" }, { "category": "external", "summary": "1701528", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701528" }, { "category": "external", "summary": "1701530", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701530" }, { "category": "external", "summary": "1701531", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701531" }, { "category": "external", "summary": "1701533", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701533" }, { "category": "external", "summary": "1701538", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701538" }, { "category": "external", "summary": "1701544", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701544" }, { "category": "external", "summary": "1702310", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1702310" }, { "category": "external", "summary": "1702312", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1702312" }, { "category": "external", "summary": "1703112", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1703112" }, { "category": "external", "summary": "1703428", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1703428" }, { "category": "external", "summary": "1707225", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1707225" }, { "category": "external", "summary": "1708624", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1708624" }, { "category": "external", "summary": "1710491", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710491" }, { "category": "external", "summary": "1711006", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1711006" }, { "category": "external", "summary": "1712255", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1712255" }, { "category": "external", "summary": "1712746", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1712746" }, { "category": "external", "summary": "1712890", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1712890" }, { "category": "external", "summary": "1714528", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1714528" }, { "category": "external", "summary": "1714633", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1714633" }, { "category": "external", "summary": "1714834", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1714834" }, { "category": "external", "summary": "1715725", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1715725" }, { "category": "external", "summary": "1716590", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1716590" }, { "category": "external", "summary": "1718818", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1718818" }, { "category": "external", "summary": "1720686", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1720686" }, { "category": "external", "summary": "1720694", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1720694" }, { "category": "external", "summary": "1720795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1720795" }, { "category": "external", "summary": "1724959", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1724959" }, { "category": "external", "summary": "1727025", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1727025" }, { "category": "external", "summary": "1728472", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1728472" }, { "category": "external", "summary": "1729511", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1729511" }, { "category": "external", "summary": "1729811", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1729811" }, { "category": "external", "summary": "1730264", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730264" }, { "category": "external", "summary": "1730436", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730436" }, { "category": "external", "summary": "1731212", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731212" }, { "category": "external", "summary": "1731590", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731590" }, { "category": "external", "summary": "1733031", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733031" }, { "category": "external", "summary": "1733529", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733529" }, { "category": "external", "summary": "1733843", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733843" }, { "category": "external", "summary": "1734839", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1734839" }, { "category": "external", "summary": "1737234", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737234" }, { "category": "external", "summary": "1737684", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737684" }, { "category": "external", "summary": "1740978", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1740978" }, { "category": "external", "summary": "1741102", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741102" }, { "category": "external", "summary": "1741271", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741271" }, { "category": "external", "summary": "1741625", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741625" }, { "category": "external", "summary": "1743690", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743690" }, { "category": "external", "summary": "1744557", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1744557" }, { "category": "external", "summary": "1745384", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1745384" }, { "category": "external", "summary": "1745504", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1745504" }, { "category": "external", "summary": "1746272", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746272" }, { "category": "external", "summary": "1746430", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746430" }, { "category": "external", "summary": "1746877", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746877" }, { "category": "external", "summary": "1747772", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1747772" }, { "category": "external", "summary": "1749284", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749284" }, { "category": "external", "summary": "1749944", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749944" }, { "category": "external", "summary": "1750212", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1750212" }, { "category": "external", "summary": "1750348", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1750348" }, { "category": "external", "summary": "1750357", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1750357" }, { "category": "external", "summary": "1750371", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1750371" }, { "category": "external", "summary": "1750482", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1750482" }, { "category": "external", "summary": "1751215", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1751215" }, { "category": "external", "summary": "1751268", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1751268" }, { "category": "external", "summary": "1751423", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1751423" }, { "category": "external", "summary": "1752890", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1752890" }, { "category": "external", "summary": "1752995", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1752995" }, { "category": "external", "summary": "1753629", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1753629" }, { "category": "external", "summary": "1753661", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1753661" }, { "category": "external", "summary": "1753664", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1753664" }, { "category": "external", "summary": "1754363", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1754363" }, { "category": "external", "summary": "1754490", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1754490" }, { "category": "external", "summary": "1755412", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755412" }, { "category": "external", "summary": "1758048", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758048" }, { "category": "external", "summary": "1758289", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758289" }, { "category": "external", "summary": "1762281", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1762281" }, { "category": "external", "summary": "1763992", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1763992" }, { "category": "external", "summary": "1764289", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764289" }, { "category": "external", "summary": "1764791", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764791" }, { "category": "external", "summary": "1764932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764932" }, { "category": "external", "summary": "1764943", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764943" }, { "category": "external", "summary": "1764959", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764959" }, { "category": "external", "summary": "1765660", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1765660" }, { "category": "external", "summary": "1767319", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1767319" }, { "category": "external", "summary": "1767483", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1767483" }, { "category": "external", "summary": "1768707", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1768707" }, { "category": "external", "summary": "1768844", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1768844" }, { "category": "external", "summary": "1769463", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1769463" }, { "category": "external", "summary": "1770237", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770237" }, { "category": "external", "summary": "1771793", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1771793" }, { "category": "external", "summary": "1773313", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1773313" }, { "category": "external", "summary": "1777954", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1777954" }, { "category": "external", "summary": "1779580", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1779580" }, { "category": "external", "summary": "1781001", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781001" }, { "category": "external", "summary": "1782236", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782236" }, { "category": "external", "summary": "1782279", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782279" }, { "category": "external", "summary": "1782882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782882" }, { "category": "external", "summary": "1784049", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1784049" }, { "category": "external", "summary": "1784385", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1784385" }, { "category": "external", "summary": "1785750", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785750" }, { "category": "external", "summary": "1788424", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788424" }, { "category": "external", "summary": "1796809", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1796809" }, { "category": "external", "summary": "1796811", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1796811" }, { "category": "external", "summary": "1796815", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1796815" }, { "category": "external", "summary": "1796817", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1796817" }, { "category": "external", "summary": "1797316", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797316" }, { "category": "external", "summary": "1797500", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797500" }, { "category": "external", "summary": "1798114", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1798114" }, { "category": "external", "summary": "1798117", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1798117" }, { "category": "external", "summary": "1798120", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1798120" }, { "category": "external", "summary": "1798127", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1798127" }, { "category": "external", "summary": "1798137", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1798137" }, { "category": "external", "summary": "1799171", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1799171" }, { "category": "external", "summary": "1799204", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1799204" }, { "category": "external", "summary": "1801149", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801149" }, { "category": "external", "summary": "1801709", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801709" }, { "category": "external", "summary": "1803597", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1803597" }, { "category": "external", "summary": "1805669", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805669" }, { "category": "external", "summary": "1806276", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806276" }, { "category": "external", "summary": "1807047", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807047" }, { "category": "external", "summary": "1807860", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807860" }, { "category": "external", "summary": "1808096", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1808096" }, { "category": "external", "summary": "1808126", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1808126" }, { "category": "external", "summary": "1809040", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1809040" }, { "category": "external", "summary": "1809052", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1809052" }, { "category": "external", "summary": "1809875", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1809875" }, { "category": "external", "summary": "1809877", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1809877" }, { "category": "external", "summary": "1810893", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1810893" }, { "category": "external", "summary": "1811865", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1811865" }, { "category": "external", "summary": "1811869", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1811869" }, { "category": "external", "summary": "1812875", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1812875" }, { "category": "external", "summary": "1813305", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813305" }, { "category": "external", "summary": "1813344", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813344" }, { "category": "external", "summary": "1814197", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1814197" }, { "category": "external", "summary": "1814215", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1814215" }, { "category": "external", "summary": "1816017", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816017" }, { "category": "external", "summary": "1816643", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816643" }, { "category": "external", "summary": "1816654", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816654" }, { "category": "external", "summary": "1816693", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816693" }, { "category": "external", "summary": "1816739", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816739" }, { "category": "external", "summary": "1817467", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817467" }, { "category": "external", "summary": "1818745", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1818745" }, { "category": "external", "summary": "1819201", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819201" }, { "category": "external", "summary": "1819248", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819248" }, { "category": "external", "summary": "1819514", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819514" }, { "category": "external", "summary": "1819960", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819960" }, { "category": "external", "summary": "1820621", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1820621" }, { "category": "external", "summary": "1820638", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1820638" }, { "category": "external", "summary": "1821164", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821164" }, { "category": "external", "summary": "1821930", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821930" }, { "category": "external", "summary": "1824095", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824095" }, { "category": "external", "summary": "1825793", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825793" }, { "category": "external", "summary": "1826248", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1826248" }, { "category": "external", "summary": "1826437", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1826437" }, { "category": "external", "summary": "1826801", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1826801" }, { "category": "external", "summary": "1826855", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1826855" }, { "category": "external", "summary": "1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "1828669", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828669" }, { "category": "external", "summary": "1828736", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828736" }, { "category": "external", "summary": "1829189", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1829189" }, { "category": "external", "summary": "1829656", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1829656" }, { "category": "external", "summary": "1829830", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1829830" }, { "category": "external", "summary": "1832161", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1832161" }, { "category": "external", "summary": "1834523", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834523" }, { "category": "external", "summary": "1838493", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1838493" }, { "category": "external", "summary": "1841495", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1841495" }, { "category": "external", "summary": "1842495", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1842495" }, { "category": "external", "summary": "1844270", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1844270" }, { "category": "external", "summary": "1844855", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1844855" }, { "category": "external", "summary": "1845473", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1845473" }, { "category": "external", "summary": "1847420", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1847420" }, { "category": "external", "summary": "1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "1853444", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853444" }, { "category": "external", "summary": "1854563", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854563" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3247.json" } ], "title": "Red Hat Security Advisory: RHV Manager (ovirt-engine) 4.4 security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-11-15T08:35:29+00:00", "generator": { "date": "2024-11-15T08:35:29+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:3247", "initial_release_date": "2020-08-04T14:02:29+00:00", "revision_history": [ { "date": "2020-08-04T14:02:29+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-08-04T14:02:29+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T08:35:29+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product": { "name": "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhev_manager:4.4:el8" } } } ], "category": "product_family", "name": "Red Hat Virtualization" }, { "branches": [ { "category": "product_version", "name": "unboundid-ldapsdk-0:4.0.14-1.el8ev.noarch", "product": { "name": "unboundid-ldapsdk-0:4.0.14-1.el8ev.noarch", "product_id": "unboundid-ldapsdk-0:4.0.14-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/unboundid-ldapsdk@4.0.14-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "unboundid-ldapsdk-javadoc-0:4.0.14-1.el8ev.noarch", "product": { "name": "unboundid-ldapsdk-javadoc-0:4.0.14-1.el8ev.noarch", "product_id": "unboundid-ldapsdk-javadoc-0:4.0.14-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/unboundid-ldapsdk-javadoc@4.0.14-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ed25519-java-0:0.3.0-1.el8ev.noarch", "product": { "name": "ed25519-java-0:0.3.0-1.el8ev.noarch", "product_id": "ed25519-java-0:0.3.0-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ed25519-java@0.3.0-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ed25519-java-javadoc-0:0.3.0-1.el8ev.noarch", "product": { "name": "ed25519-java-javadoc-0:0.3.0-1.el8ev.noarch", "product_id": "ed25519-java-javadoc-0:0.3.0-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ed25519-java-javadoc@0.3.0-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "snmp4j-0:2.4.1-1.el8ev.noarch", "product": { "name": "snmp4j-0:2.4.1-1.el8ev.noarch", "product_id": "snmp4j-0:2.4.1-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/snmp4j@2.4.1-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "snmp4j-javadoc-0:2.4.1-1.el8ev.noarch", "product": { "name": "snmp4j-javadoc-0:2.4.1-1.el8ev.noarch", "product_id": "snmp4j-javadoc-0:2.4.1-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/snmp4j-javadoc@2.4.1-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ebay-cors-filter-0:1.0.1-4.el8ev.noarch", "product": { "name": "ebay-cors-filter-0:1.0.1-4.el8ev.noarch", "product_id": "ebay-cors-filter-0:1.0.1-4.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ebay-cors-filter@1.0.1-4.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "apache-commons-jexl-0:2.1.1-1.el8ev.noarch", "product": { "name": "apache-commons-jexl-0:2.1.1-1.el8ev.noarch", "product_id": "apache-commons-jexl-0:2.1.1-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-commons-jexl@2.1.1-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "apache-commons-jexl-javadoc-0:2.1.1-1.el8ev.noarch", "product": { "name": "apache-commons-jexl-javadoc-0:2.1.1-1.el8ev.noarch", "product_id": "apache-commons-jexl-javadoc-0:2.1.1-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-commons-jexl-javadoc@2.1.1-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "apache-commons-collections4-0:4.4-1.el8ev.noarch", "product": { "name": "apache-commons-collections4-0:4.4-1.el8ev.noarch", "product_id": "apache-commons-collections4-0:4.4-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-commons-collections4@4.4-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "apache-commons-collections4-javadoc-0:4.4-1.el8ev.noarch", "product": { "name": "apache-commons-collections4-javadoc-0:4.4-1.el8ev.noarch", "product_id": "apache-commons-collections4-javadoc-0:4.4-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-commons-collections4-javadoc@4.4-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "apache-commons-vfs-0:2.4.1-1.el8ev.noarch", "product": { "name": "apache-commons-vfs-0:2.4.1-1.el8ev.noarch", "product_id": "apache-commons-vfs-0:2.4.1-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-commons-vfs@2.4.1-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "apache-commons-vfs-ant-0:2.4.1-1.el8ev.noarch", "product": { "name": "apache-commons-vfs-ant-0:2.4.1-1.el8ev.noarch", "product_id": "apache-commons-vfs-ant-0:2.4.1-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-commons-vfs-ant@2.4.1-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "apache-commons-vfs-examples-0:2.4.1-1.el8ev.noarch", "product": { "name": "apache-commons-vfs-examples-0:2.4.1-1.el8ev.noarch", "product_id": "apache-commons-vfs-examples-0:2.4.1-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-commons-vfs-examples@2.4.1-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "apache-commons-vfs-javadoc-0:2.4.1-1.el8ev.noarch", "product": { "name": "apache-commons-vfs-javadoc-0:2.4.1-1.el8ev.noarch", "product_id": "apache-commons-vfs-javadoc-0:2.4.1-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-commons-vfs-javadoc@2.4.1-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ws-commons-util-0:1.0.2-1.el8ev.noarch", "product": { "name": "ws-commons-util-0:1.0.2-1.el8ev.noarch", "product_id": "ws-commons-util-0:1.0.2-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ws-commons-util@1.0.2-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ws-commons-util-javadoc-0:1.0.2-1.el8ev.noarch", "product": { "name": "ws-commons-util-javadoc-0:1.0.2-1.el8ev.noarch", "product_id": "ws-commons-util-javadoc-0:1.0.2-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ws-commons-util-javadoc@1.0.2-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "xmlrpc-client-0:3.1.3-1.el8ev.noarch", "product": { "name": "xmlrpc-client-0:3.1.3-1.el8ev.noarch", "product_id": "xmlrpc-client-0:3.1.3-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlrpc-client@3.1.3-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "xmlrpc-common-0:3.1.3-1.el8ev.noarch", "product": { "name": "xmlrpc-common-0:3.1.3-1.el8ev.noarch", "product_id": "xmlrpc-common-0:3.1.3-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlrpc-common@3.1.3-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "xmlrpc-javadoc-0:3.1.3-1.el8ev.noarch", "product": { "name": "xmlrpc-javadoc-0:3.1.3-1.el8ev.noarch", "product_id": "xmlrpc-javadoc-0:3.1.3-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlrpc-javadoc@3.1.3-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "xmlrpc-server-0:3.1.3-1.el8ev.noarch", "product": { "name": "xmlrpc-server-0:3.1.3-1.el8ev.noarch", "product_id": "xmlrpc-server-0:3.1.3-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlrpc-server@3.1.3-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-extensions-api-0:1.0.1-1.el8ev.noarch", "product": { "name": "ovirt-engine-extensions-api-0:1.0.1-1.el8ev.noarch", "product_id": "ovirt-engine-extensions-api-0:1.0.1-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-extensions-api@1.0.1-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-extensions-api-javadoc-0:1.0.1-1.el8ev.noarch", "product": { "name": "ovirt-engine-extensions-api-javadoc-0:1.0.1-1.el8ev.noarch", "product_id": "ovirt-engine-extensions-api-javadoc-0:1.0.1-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-extensions-api-javadoc@1.0.1-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.noarch", "product": { "name": "ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.noarch", "product_id": "ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-extension-aaa-jdbc@1.2.0-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "vdsm-jsonrpc-java-0:1.5.4-1.el8ev.noarch", "product": { "name": "vdsm-jsonrpc-java-0:1.5.4-1.el8ev.noarch", "product_id": "vdsm-jsonrpc-java-0:1.5.4-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/vdsm-jsonrpc-java@1.5.4-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-scheduler-proxy-0:0.1.9-1.el8ev.noarch", "product": { "name": "ovirt-scheduler-proxy-0:0.1.9-1.el8ev.noarch", "product_id": "ovirt-scheduler-proxy-0:0.1.9-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-scheduler-proxy@0.1.9-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "makeself-0:2.4.0-4.el8ev.noarch", "product": { "name": "makeself-0:2.4.0-4.el8ev.noarch", "product_id": "makeself-0:2.4.0-4.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/makeself@2.4.0-4.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "python2-pbr-0:5.1.2-2.el8ost.noarch", "product": { "name": "python2-pbr-0:5.1.2-2.el8ost.noarch", "product_id": "python2-pbr-0:5.1.2-2.el8ost.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python2-pbr@5.1.2-2.el8ost?arch=noarch" } } }, { "category": "product_version", "name": "python3-pbr-0:5.1.2-2.el8ost.noarch", "product": { "name": "python3-pbr-0:5.1.2-2.el8ost.noarch", "product_id": "python3-pbr-0:5.1.2-2.el8ost.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-pbr@5.1.2-2.el8ost?arch=noarch" } } }, { "category": "product_version", "name": "python2-six-0:1.12.0-1.el8ost.noarch", "product": { "name": "python2-six-0:1.12.0-1.el8ost.noarch", "product_id": "python2-six-0:1.12.0-1.el8ost.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python2-six@1.12.0-1.el8ost?arch=noarch" } } }, { "category": "product_version", "name": "python3-six-0:1.12.0-1.el8ost.noarch", "product": { "name": "python3-six-0:1.12.0-1.el8ost.noarch", "product_id": "python3-six-0:1.12.0-1.el8ost.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-six@1.12.0-1.el8ost?arch=noarch" } } }, { "category": "product_version", "name": "python2-netaddr-0:0.7.19-8.1.el8ost.noarch", "product": { "name": "python2-netaddr-0:0.7.19-8.1.el8ost.noarch", "product_id": "python2-netaddr-0:0.7.19-8.1.el8ost.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python2-netaddr@0.7.19-8.1.el8ost?arch=noarch" } } }, { "category": "product_version", "name": "python3-netaddr-0:0.7.19-8.1.el8ost.noarch", "product": { "name": "python3-netaddr-0:0.7.19-8.1.el8ost.noarch", "product_id": "python3-netaddr-0:0.7.19-8.1.el8ost.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-netaddr@0.7.19-8.1.el8ost?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-api-explorer-0:0.0.6-1.el8ev.noarch", "product": { "name": "ovirt-engine-api-explorer-0:0.0.6-1.el8ev.noarch", "product_id": "ovirt-engine-api-explorer-0:0.0.6-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-api-explorer@0.0.6-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "python3-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.noarch", "product": { "name": "python3-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.noarch", "product_id": "python3-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-ovsdbapp@0.17.1-0.20191216120142.206cf14.el8ost?arch=noarch" } } }, { "category": "product_version", "name": "rhvm-setup-plugins-0:4.4.2-1.el8ev.noarch", "product": { "name": "rhvm-setup-plugins-0:4.4.2-1.el8ev.noarch", "product_id": "rhvm-setup-plugins-0:4.4.2-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhvm-setup-plugins@4.4.2-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.noarch", "product": { "name": "ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.noarch", "product_id": "ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-extension-aaa-ldap@1.4.0-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-extension-aaa-ldap-setup-0:1.4.0-1.el8ev.noarch", "product": { "name": "ovirt-engine-extension-aaa-ldap-setup-0:1.4.0-1.el8ev.noarch", "product_id": "ovirt-engine-extension-aaa-ldap-setup-0:1.4.0-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-extension-aaa-ldap-setup@1.4.0-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.noarch", "product": { "name": "ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.noarch", "product_id": "ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-extension-aaa-misc@1.1.0-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "python3-notario-0:0.0.16-2.el8cp.noarch", "product": { "name": "python3-notario-0:0.0.16-2.el8cp.noarch", "product_id": "python3-notario-0:0.0.16-2.el8cp.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-notario@0.0.16-2.el8cp?arch=noarch" } } }, { "category": "product_version", "name": "novnc-0:1.1.0-1.el8ost.noarch", "product": { "name": "novnc-0:1.1.0-1.el8ost.noarch", "product_id": "novnc-0:1.1.0-1.el8ost.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/novnc@1.1.0-1.el8ost?arch=noarch" } } }, { "category": "product_version", "name": "python3-websocket-client-0:0.54.0-1.el8ost.noarch", "product": { "name": "python3-websocket-client-0:0.54.0-1.el8ost.noarch", "product_id": "python3-websocket-client-0:0.54.0-1.el8ost.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-websocket-client@0.54.0-1.el8ost?arch=noarch" } } }, { "category": "product_version", "name": "log4j12-0:1.2.17-22.el8ev.noarch", "product": { "name": "log4j12-0:1.2.17-22.el8ev.noarch", "product_id": "log4j12-0:1.2.17-22.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/log4j12@1.2.17-22.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "log4j12-javadoc-0:1.2.17-22.el8ev.noarch", "product": { "name": "log4j12-javadoc-0:1.2.17-22.el8ev.noarch", "product_id": "log4j12-javadoc-0:1.2.17-22.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/log4j12-javadoc@1.2.17-22.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ansible-runner-0:1.4.5-1.el8ar.noarch", "product": { "name": "ansible-runner-0:1.4.5-1.el8ar.noarch", "product_id": "ansible-runner-0:1.4.5-1.el8ar.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ansible-runner@1.4.5-1.el8ar?arch=noarch" } } }, { "category": "product_version", "name": "python3-ansible-runner-0:1.4.5-1.el8ar.noarch", "product": { "name": "python3-ansible-runner-0:1.4.5-1.el8ar.noarch", "product_id": "python3-ansible-runner-0:1.4.5-1.el8ar.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-ansible-runner@1.4.5-1.el8ar?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.noarch", "product": { "name": "ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.noarch", "product_id": "ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-extension-logger-log4j@1.1.0-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "rhvm-dependencies-0:4.4.0-1.el8ev.noarch", "product": { "name": "rhvm-dependencies-0:4.4.0-1.el8ev.noarch", "product_id": "rhvm-dependencies-0:4.4.0-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhvm-dependencies@4.4.0-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "java-client-kubevirt-0:0.5.0-1.el8ev.noarch", "product": { "name": "java-client-kubevirt-0:0.5.0-1.el8ev.noarch", "product_id": "java-client-kubevirt-0:0.5.0-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-client-kubevirt@0.5.0-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "apache-commons-compress-0:1.18-1.el8ev.noarch", "product": { "name": "apache-commons-compress-0:1.18-1.el8ev.noarch", "product_id": "apache-commons-compress-0:1.18-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-commons-compress@1.18-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "apache-commons-compress-javadoc-0:1.18-1.el8ev.noarch", "product": { "name": "apache-commons-compress-javadoc-0:1.18-1.el8ev.noarch", "product_id": "apache-commons-compress-javadoc-0:1.18-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-commons-compress-javadoc@1.18-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "apache-commons-jxpath-0:1.3-29.el8ev.noarch", "product": { "name": "apache-commons-jxpath-0:1.3-29.el8ev.noarch", "product_id": "apache-commons-jxpath-0:1.3-29.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-commons-jxpath@1.3-29.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "apache-commons-jxpath-javadoc-0:1.3-29.el8ev.noarch", "product": { "name": "apache-commons-jxpath-javadoc-0:1.3-29.el8ev.noarch", "product_id": "apache-commons-jxpath-javadoc-0:1.3-29.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-commons-jxpath-javadoc@1.3-29.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "python3-flask-restful-0:0.3.6-8.el8ost.noarch", "product": { "name": "python3-flask-restful-0:0.3.6-8.el8ost.noarch", "product_id": "python3-flask-restful-0:0.3.6-8.el8ost.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-flask-restful@0.3.6-8.el8ost?arch=noarch" } } }, { "category": "product_version", "name": "python3-aniso8601-0:0.82-4.el8ost.noarch", "product": { "name": "python3-aniso8601-0:0.82-4.el8ost.noarch", "product_id": "python3-aniso8601-0:0.82-4.el8ost.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-aniso8601@0.82-4.el8ost?arch=noarch" } } }, { "category": "product_version", "name": "python3-werkzeug-0:0.16.0-1.el8ost.noarch", "product": { "name": "python3-werkzeug-0:0.16.0-1.el8ost.noarch", "product_id": "python3-werkzeug-0:0.16.0-1.el8ost.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-werkzeug@0.16.0-1.el8ost?arch=noarch" } } }, { "category": "product_version", "name": "python3-werkzeug-doc-0:0.16.0-1.el8ost.noarch", "product": { "name": "python3-werkzeug-doc-0:0.16.0-1.el8ost.noarch", "product_id": "python3-werkzeug-doc-0:0.16.0-1.el8ost.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-werkzeug-doc@0.16.0-1.el8ost?arch=noarch" } } }, { "category": "product_version", "name": "python-flask-doc-1:1.0.2-2.el8ost.noarch", "product": { "name": "python-flask-doc-1:1.0.2-2.el8ost.noarch", "product_id": "python-flask-doc-1:1.0.2-2.el8ost.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-flask-doc@1.0.2-2.el8ost?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "python3-flask-1:1.0.2-2.el8ost.noarch", "product": { "name": "python3-flask-1:1.0.2-2.el8ost.noarch", "product_id": "python3-flask-1:1.0.2-2.el8ost.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-flask@1.0.2-2.el8ost?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "ovirt-cockpit-sso-0:0.1.4-1.el8ev.noarch", "product": { "name": "ovirt-cockpit-sso-0:0.1.4-1.el8ev.noarch", "product_id": "ovirt-cockpit-sso-0:0.1.4-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-cockpit-sso@0.1.4-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ansible-runner-service-0:1.0.2-1.el8ev.noarch", "product": { "name": "ansible-runner-service-0:1.0.2-1.el8ev.noarch", "product_id": "ansible-runner-service-0:1.0.2-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ansible-runner-service@1.0.2-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "openstack-java-ceilometer-client-0:3.2.9-1.el8ev.noarch", "product": { "name": "openstack-java-ceilometer-client-0:3.2.9-1.el8ev.noarch", "product_id": "openstack-java-ceilometer-client-0:3.2.9-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openstack-java-ceilometer-client@3.2.9-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "openstack-java-ceilometer-model-0:3.2.9-1.el8ev.noarch", "product": { "name": "openstack-java-ceilometer-model-0:3.2.9-1.el8ev.noarch", "product_id": "openstack-java-ceilometer-model-0:3.2.9-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openstack-java-ceilometer-model@3.2.9-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "openstack-java-cinder-client-0:3.2.9-1.el8ev.noarch", "product": { "name": "openstack-java-cinder-client-0:3.2.9-1.el8ev.noarch", "product_id": "openstack-java-cinder-client-0:3.2.9-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openstack-java-cinder-client@3.2.9-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "openstack-java-cinder-model-0:3.2.9-1.el8ev.noarch", "product": { "name": "openstack-java-cinder-model-0:3.2.9-1.el8ev.noarch", "product_id": "openstack-java-cinder-model-0:3.2.9-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openstack-java-cinder-model@3.2.9-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "openstack-java-client-0:3.2.9-1.el8ev.noarch", "product": { "name": "openstack-java-client-0:3.2.9-1.el8ev.noarch", "product_id": "openstack-java-client-0:3.2.9-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openstack-java-client@3.2.9-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "openstack-java-glance-client-0:3.2.9-1.el8ev.noarch", "product": { "name": "openstack-java-glance-client-0:3.2.9-1.el8ev.noarch", "product_id": "openstack-java-glance-client-0:3.2.9-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openstack-java-glance-client@3.2.9-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "openstack-java-glance-model-0:3.2.9-1.el8ev.noarch", "product": { "name": "openstack-java-glance-model-0:3.2.9-1.el8ev.noarch", "product_id": "openstack-java-glance-model-0:3.2.9-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openstack-java-glance-model@3.2.9-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "openstack-java-heat-client-0:3.2.9-1.el8ev.noarch", "product": { "name": "openstack-java-heat-client-0:3.2.9-1.el8ev.noarch", "product_id": "openstack-java-heat-client-0:3.2.9-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openstack-java-heat-client@3.2.9-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "openstack-java-heat-model-0:3.2.9-1.el8ev.noarch", "product": { "name": "openstack-java-heat-model-0:3.2.9-1.el8ev.noarch", "product_id": "openstack-java-heat-model-0:3.2.9-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openstack-java-heat-model@3.2.9-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "openstack-java-javadoc-0:3.2.9-1.el8ev.noarch", "product": { "name": "openstack-java-javadoc-0:3.2.9-1.el8ev.noarch", "product_id": "openstack-java-javadoc-0:3.2.9-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openstack-java-javadoc@3.2.9-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "openstack-java-keystone-client-0:3.2.9-1.el8ev.noarch", "product": { "name": "openstack-java-keystone-client-0:3.2.9-1.el8ev.noarch", "product_id": "openstack-java-keystone-client-0:3.2.9-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openstack-java-keystone-client@3.2.9-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "openstack-java-keystone-model-0:3.2.9-1.el8ev.noarch", "product": { "name": "openstack-java-keystone-model-0:3.2.9-1.el8ev.noarch", "product_id": "openstack-java-keystone-model-0:3.2.9-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openstack-java-keystone-model@3.2.9-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "openstack-java-nova-client-0:3.2.9-1.el8ev.noarch", "product": { "name": "openstack-java-nova-client-0:3.2.9-1.el8ev.noarch", "product_id": "openstack-java-nova-client-0:3.2.9-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openstack-java-nova-client@3.2.9-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "openstack-java-nova-model-0:3.2.9-1.el8ev.noarch", "product": { "name": "openstack-java-nova-model-0:3.2.9-1.el8ev.noarch", "product_id": "openstack-java-nova-model-0:3.2.9-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openstack-java-nova-model@3.2.9-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "openstack-java-quantum-client-0:3.2.9-1.el8ev.noarch", "product": { "name": "openstack-java-quantum-client-0:3.2.9-1.el8ev.noarch", "product_id": "openstack-java-quantum-client-0:3.2.9-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openstack-java-quantum-client@3.2.9-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "openstack-java-quantum-model-0:3.2.9-1.el8ev.noarch", "product": { "name": "openstack-java-quantum-model-0:3.2.9-1.el8ev.noarch", "product_id": "openstack-java-quantum-model-0:3.2.9-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openstack-java-quantum-model@3.2.9-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "openstack-java-resteasy-connector-0:3.2.9-1.el8ev.noarch", "product": { "name": "openstack-java-resteasy-connector-0:3.2.9-1.el8ev.noarch", "product_id": "openstack-java-resteasy-connector-0:3.2.9-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openstack-java-resteasy-connector@3.2.9-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "openstack-java-swift-client-0:3.2.9-1.el8ev.noarch", "product": { "name": "openstack-java-swift-client-0:3.2.9-1.el8ev.noarch", "product_id": "openstack-java-swift-client-0:3.2.9-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openstack-java-swift-client@3.2.9-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "openstack-java-swift-model-0:3.2.9-1.el8ev.noarch", "product": { "name": "openstack-java-swift-model-0:3.2.9-1.el8ev.noarch", "product_id": "openstack-java-swift-model-0:3.2.9-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openstack-java-swift-model@3.2.9-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.noarch", "product": { "name": "ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.noarch", "product_id": "ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-fast-forward-upgrade@1.1.6-0.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "engine-db-query-0:1.6.1-1.el8ev.noarch", "product": { "name": "engine-db-query-0:1.6.1-1.el8ev.noarch", "product_id": "engine-db-query-0:1.6.1-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/engine-db-query@1.6.1-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "rhv-log-collector-analyzer-0:1.0.2-1.el8ev.noarch", "product": { "name": "rhv-log-collector-analyzer-0:1.0.2-1.el8ev.noarch", "product_id": "rhv-log-collector-analyzer-0:1.0.2-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhv-log-collector-analyzer@1.0.2-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-metrics-0:1.4.1.1-1.el8ev.noarch", "product": { "name": "ovirt-engine-metrics-0:1.4.1.1-1.el8ev.noarch", "product_id": "ovirt-engine-metrics-0:1.4.1.1-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-metrics@1.4.1.1-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "apache-sshd-0:2.5.1-1.el8ev.noarch", "product": { "name": "apache-sshd-0:2.5.1-1.el8ev.noarch", "product_id": "apache-sshd-0:2.5.1-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-sshd@2.5.1-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "apache-sshd-javadoc-0:2.5.1-1.el8ev.noarch", "product": { "name": "apache-sshd-javadoc-0:2.5.1-1.el8ev.noarch", "product_id": "apache-sshd-javadoc-0:2.5.1-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-sshd-javadoc@2.5.1-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "rhvm-branding-rhv-0:4.4.4-1.el8ev.noarch", "product": { "name": "rhvm-branding-rhv-0:4.4.4-1.el8ev.noarch", "product_id": "rhvm-branding-rhv-0:4.4.4-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhvm-branding-rhv@4.4.4-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-dwh-0:4.4.1.2-1.el8ev.noarch", "product": { "name": "ovirt-engine-dwh-0:4.4.1.2-1.el8ev.noarch", "product_id": "ovirt-engine-dwh-0:4.4.1.2-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-dwh@4.4.1.2-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-dwh-grafana-integration-setup-0:4.4.1.2-1.el8ev.noarch", "product": { "name": "ovirt-engine-dwh-grafana-integration-setup-0:4.4.1.2-1.el8ev.noarch", "product_id": "ovirt-engine-dwh-grafana-integration-setup-0:4.4.1.2-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-dwh-grafana-integration-setup@4.4.1.2-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-dwh-setup-0:4.4.1.2-1.el8ev.noarch", "product": { "name": "ovirt-engine-dwh-setup-0:4.4.1.2-1.el8ev.noarch", "product_id": "ovirt-engine-dwh-setup-0:4.4.1.2-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-dwh-setup@4.4.1.2-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-web-ui-0:1.6.3-1.el8ev.noarch", "product": { "name": "ovirt-web-ui-0:1.6.3-1.el8ev.noarch", "product_id": "ovirt-web-ui-0:1.6.3-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-web-ui@1.6.3-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch", "product": { "name": "ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch", "product_id": "ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.2.2-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "product": { "name": "ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "product_id": "ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine@4.4.1.8-0.7.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch", "product": { "name": "ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch", "product_id": "ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-backend@4.4.1.8-0.7.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-dbscripts-0:4.4.1.8-0.7.el8ev.noarch", "product": { "name": "ovirt-engine-dbscripts-0:4.4.1.8-0.7.el8ev.noarch", "product_id": "ovirt-engine-dbscripts-0:4.4.1.8-0.7.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-dbscripts@4.4.1.8-0.7.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-health-check-bundler-0:4.4.1.8-0.7.el8ev.noarch", "product": { "name": "ovirt-engine-health-check-bundler-0:4.4.1.8-0.7.el8ev.noarch", "product_id": "ovirt-engine-health-check-bundler-0:4.4.1.8-0.7.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-health-check-bundler@4.4.1.8-0.7.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-restapi-0:4.4.1.8-0.7.el8ev.noarch", "product": { "name": "ovirt-engine-restapi-0:4.4.1.8-0.7.el8ev.noarch", "product_id": "ovirt-engine-restapi-0:4.4.1.8-0.7.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-restapi@4.4.1.8-0.7.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-0:4.4.1.8-0.7.el8ev.noarch", "product": { "name": "ovirt-engine-setup-0:4.4.1.8-0.7.el8ev.noarch", "product_id": "ovirt-engine-setup-0:4.4.1.8-0.7.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup@4.4.1.8-0.7.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-base-0:4.4.1.8-0.7.el8ev.noarch", "product": { "name": "ovirt-engine-setup-base-0:4.4.1.8-0.7.el8ev.noarch", "product_id": "ovirt-engine-setup-base-0:4.4.1.8-0.7.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup-base@4.4.1.8-0.7.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-plugin-cinderlib-0:4.4.1.8-0.7.el8ev.noarch", "product": { "name": "ovirt-engine-setup-plugin-cinderlib-0:4.4.1.8-0.7.el8ev.noarch", "product_id": "ovirt-engine-setup-plugin-cinderlib-0:4.4.1.8-0.7.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-cinderlib@4.4.1.8-0.7.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-plugin-imageio-0:4.4.1.8-0.7.el8ev.noarch", "product": { "name": "ovirt-engine-setup-plugin-imageio-0:4.4.1.8-0.7.el8ev.noarch", "product_id": "ovirt-engine-setup-plugin-imageio-0:4.4.1.8-0.7.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-imageio@4.4.1.8-0.7.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-plugin-ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "product": { "name": "ovirt-engine-setup-plugin-ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "product_id": "ovirt-engine-setup-plugin-ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine@4.4.1.8-0.7.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.1.8-0.7.el8ev.noarch", "product": { "name": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.1.8-0.7.el8ev.noarch", "product_id": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.1.8-0.7.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine-common@4.4.1.8-0.7.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "product": { "name": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "product_id": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-vmconsole-proxy-helper@4.4.1.8-0.7.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-plugin-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "product": { "name": "ovirt-engine-setup-plugin-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "product_id": "ovirt-engine-setup-plugin-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-websocket-proxy@4.4.1.8-0.7.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-tools-0:4.4.1.8-0.7.el8ev.noarch", "product": { "name": "ovirt-engine-tools-0:4.4.1.8-0.7.el8ev.noarch", "product_id": "ovirt-engine-tools-0:4.4.1.8-0.7.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-tools@4.4.1.8-0.7.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-tools-backup-0:4.4.1.8-0.7.el8ev.noarch", "product": { "name": "ovirt-engine-tools-backup-0:4.4.1.8-0.7.el8ev.noarch", "product_id": "ovirt-engine-tools-backup-0:4.4.1.8-0.7.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-tools-backup@4.4.1.8-0.7.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "product": { "name": "ovirt-engine-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "product_id": "ovirt-engine-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-vmconsole-proxy-helper@4.4.1.8-0.7.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-webadmin-portal-0:4.4.1.8-0.7.el8ev.noarch", "product": { "name": "ovirt-engine-webadmin-portal-0:4.4.1.8-0.7.el8ev.noarch", "product_id": "ovirt-engine-webadmin-portal-0:4.4.1.8-0.7.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-webadmin-portal@4.4.1.8-0.7.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "product": { "name": "ovirt-engine-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "product_id": "ovirt-engine-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-websocket-proxy@4.4.1.8-0.7.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "python3-ovirt-engine-lib-0:4.4.1.8-0.7.el8ev.noarch", "product": { "name": "python3-ovirt-engine-lib-0:4.4.1.8-0.7.el8ev.noarch", "product_id": "python3-ovirt-engine-lib-0:4.4.1.8-0.7.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-ovirt-engine-lib@4.4.1.8-0.7.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "rhvm-0:4.4.1.8-0.7.el8ev.noarch", "product": { "name": "rhvm-0:4.4.1.8-0.7.el8ev.noarch", "product_id": "rhvm-0:4.4.1.8-0.7.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhvm@4.4.1.8-0.7.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-log-collector-0:4.4.2-1.el8ev.noarch", "product": { "name": "ovirt-log-collector-0:4.4.2-1.el8ev.noarch", "product_id": "ovirt-log-collector-0:4.4.2-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-log-collector@4.4.2-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "apache-commons-configuration-0:1.10-1.el8ev.noarch", "product": { "name": "apache-commons-configuration-0:1.10-1.el8ev.noarch", "product_id": "apache-commons-configuration-0:1.10-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-commons-configuration@1.10-1.el8ev?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "unboundid-ldapsdk-0:4.0.14-1.el8ev.src", "product": { "name": "unboundid-ldapsdk-0:4.0.14-1.el8ev.src", "product_id": "unboundid-ldapsdk-0:4.0.14-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/unboundid-ldapsdk@4.0.14-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ed25519-java-0:0.3.0-1.el8ev.src", "product": { "name": "ed25519-java-0:0.3.0-1.el8ev.src", "product_id": "ed25519-java-0:0.3.0-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ed25519-java@0.3.0-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "snmp4j-0:2.4.1-1.el8ev.src", "product": { "name": "snmp4j-0:2.4.1-1.el8ev.src", "product_id": "snmp4j-0:2.4.1-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/snmp4j@2.4.1-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ebay-cors-filter-0:1.0.1-4.el8ev.src", "product": { "name": "ebay-cors-filter-0:1.0.1-4.el8ev.src", "product_id": "ebay-cors-filter-0:1.0.1-4.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ebay-cors-filter@1.0.1-4.el8ev?arch=src" } } }, { "category": "product_version", "name": "apache-commons-jexl-0:2.1.1-1.el8ev.src", "product": { "name": "apache-commons-jexl-0:2.1.1-1.el8ev.src", "product_id": "apache-commons-jexl-0:2.1.1-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-commons-jexl@2.1.1-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "apache-commons-collections4-0:4.4-1.el8ev.src", "product": { "name": "apache-commons-collections4-0:4.4-1.el8ev.src", "product_id": "apache-commons-collections4-0:4.4-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-commons-collections4@4.4-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "apache-commons-vfs-0:2.4.1-1.el8ev.src", "product": { "name": "apache-commons-vfs-0:2.4.1-1.el8ev.src", "product_id": "apache-commons-vfs-0:2.4.1-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-commons-vfs@2.4.1-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ws-commons-util-0:1.0.2-1.el8ev.src", "product": { "name": "ws-commons-util-0:1.0.2-1.el8ev.src", "product_id": "ws-commons-util-0:1.0.2-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ws-commons-util@1.0.2-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "xmlrpc-0:3.1.3-1.el8ev.src", "product": { "name": "xmlrpc-0:3.1.3-1.el8ev.src", "product_id": "xmlrpc-0:3.1.3-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlrpc@3.1.3-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-engine-extensions-api-0:1.0.1-1.el8ev.src", "product": { "name": "ovirt-engine-extensions-api-0:1.0.1-1.el8ev.src", "product_id": "ovirt-engine-extensions-api-0:1.0.1-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-extensions-api@1.0.1-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.src", "product": { "name": "ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.src", "product_id": "ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-extension-aaa-jdbc@1.2.0-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "vdsm-jsonrpc-java-0:1.5.4-1.el8ev.src", "product": { "name": "vdsm-jsonrpc-java-0:1.5.4-1.el8ev.src", "product_id": "vdsm-jsonrpc-java-0:1.5.4-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/vdsm-jsonrpc-java@1.5.4-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-scheduler-proxy-0:0.1.9-1.el8ev.src", "product": { "name": "ovirt-scheduler-proxy-0:0.1.9-1.el8ev.src", "product_id": "ovirt-scheduler-proxy-0:0.1.9-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-scheduler-proxy@0.1.9-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "makeself-0:2.4.0-4.el8ev.src", "product": { "name": "makeself-0:2.4.0-4.el8ev.src", "product_id": "makeself-0:2.4.0-4.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/makeself@2.4.0-4.el8ev?arch=src" } } }, { "category": "product_version", "name": "python-pbr-0:5.1.2-2.el8ost.src", "product": { "name": "python-pbr-0:5.1.2-2.el8ost.src", "product_id": "python-pbr-0:5.1.2-2.el8ost.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-pbr@5.1.2-2.el8ost?arch=src" } } }, { "category": "product_version", "name": "python-six-0:1.12.0-1.el8ost.src", "product": { "name": "python-six-0:1.12.0-1.el8ost.src", "product_id": "python-six-0:1.12.0-1.el8ost.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-six@1.12.0-1.el8ost?arch=src" } } }, { "category": "product_version", "name": "python-netaddr-0:0.7.19-8.1.el8ost.src", "product": { "name": "python-netaddr-0:0.7.19-8.1.el8ost.src", "product_id": "python-netaddr-0:0.7.19-8.1.el8ost.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-netaddr@0.7.19-8.1.el8ost?arch=src" } } }, { "category": "product_version", "name": "m2crypto-0:0.35.2-5.el8ev.src", "product": { "name": "m2crypto-0:0.35.2-5.el8ev.src", "product_id": "m2crypto-0:0.35.2-5.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/m2crypto@0.35.2-5.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-engine-api-explorer-0:0.0.6-1.el8ev.src", "product": { "name": "ovirt-engine-api-explorer-0:0.0.6-1.el8ev.src", "product_id": "ovirt-engine-api-explorer-0:0.0.6-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-api-explorer@0.0.6-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "python-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.src", "product": { "name": "python-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.src", "product_id": "python-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-ovsdbapp@0.17.1-0.20191216120142.206cf14.el8ost?arch=src" } } }, { "category": "product_version", "name": "rhvm-setup-plugins-0:4.4.2-1.el8ev.src", "product": { "name": "rhvm-setup-plugins-0:4.4.2-1.el8ev.src", "product_id": "rhvm-setup-plugins-0:4.4.2-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhvm-setup-plugins@4.4.2-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.src", "product": { "name": "ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.src", "product_id": "ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-extension-aaa-ldap@1.4.0-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.src", "product": { "name": "ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.src", "product_id": "ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-extension-aaa-misc@1.1.0-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "python-notario-0:0.0.16-2.el8cp.src", "product": { "name": "python-notario-0:0.0.16-2.el8cp.src", "product_id": "python-notario-0:0.0.16-2.el8cp.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-notario@0.0.16-2.el8cp?arch=src" } } }, { "category": "product_version", "name": "novnc-0:1.1.0-1.el8ost.src", "product": { "name": "novnc-0:1.1.0-1.el8ost.src", "product_id": "novnc-0:1.1.0-1.el8ost.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/novnc@1.1.0-1.el8ost?arch=src" } } }, { "category": "product_version", "name": "python-websocket-client-0:0.54.0-1.el8ost.src", "product": { "name": "python-websocket-client-0:0.54.0-1.el8ost.src", "product_id": "python-websocket-client-0:0.54.0-1.el8ost.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-websocket-client@0.54.0-1.el8ost?arch=src" } } }, { "category": "product_version", "name": "log4j12-0:1.2.17-22.el8ev.src", "product": { "name": "log4j12-0:1.2.17-22.el8ev.src", "product_id": "log4j12-0:1.2.17-22.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/log4j12@1.2.17-22.el8ev?arch=src" } } }, { "category": "product_version", "name": "ansible-runner-0:1.4.5-1.el8ar.src", "product": { "name": "ansible-runner-0:1.4.5-1.el8ar.src", "product_id": "ansible-runner-0:1.4.5-1.el8ar.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ansible-runner@1.4.5-1.el8ar?arch=src" } } }, { "category": "product_version", "name": "ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.src", "product": { "name": "ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.src", "product_id": "ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-extension-logger-log4j@1.1.0-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "rhvm-dependencies-0:4.4.0-1.el8ev.src", "product": { "name": "rhvm-dependencies-0:4.4.0-1.el8ev.src", "product_id": "rhvm-dependencies-0:4.4.0-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhvm-dependencies@4.4.0-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "java-client-kubevirt-0:0.5.0-1.el8ev.src", "product": { "name": "java-client-kubevirt-0:0.5.0-1.el8ev.src", "product_id": "java-client-kubevirt-0:0.5.0-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-client-kubevirt@0.5.0-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "apache-commons-compress-0:1.18-1.el8ev.src", "product": { "name": "apache-commons-compress-0:1.18-1.el8ev.src", "product_id": "apache-commons-compress-0:1.18-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-commons-compress@1.18-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "apache-commons-jxpath-0:1.3-29.el8ev.src", "product": { "name": "apache-commons-jxpath-0:1.3-29.el8ev.src", "product_id": "apache-commons-jxpath-0:1.3-29.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-commons-jxpath@1.3-29.el8ev?arch=src" } } }, { "category": "product_version", "name": "python-flask-restful-0:0.3.6-8.el8ost.src", "product": { "name": "python-flask-restful-0:0.3.6-8.el8ost.src", "product_id": "python-flask-restful-0:0.3.6-8.el8ost.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-flask-restful@0.3.6-8.el8ost?arch=src" } } }, { "category": "product_version", "name": "python-aniso8601-0:0.82-4.el8ost.src", "product": { "name": "python-aniso8601-0:0.82-4.el8ost.src", "product_id": "python-aniso8601-0:0.82-4.el8ost.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-aniso8601@0.82-4.el8ost?arch=src" } } }, { "category": "product_version", "name": "python-werkzeug-0:0.16.0-1.el8ost.src", "product": { "name": "python-werkzeug-0:0.16.0-1.el8ost.src", "product_id": "python-werkzeug-0:0.16.0-1.el8ost.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-werkzeug@0.16.0-1.el8ost?arch=src" } } }, { "category": "product_version", "name": "python-flask-1:1.0.2-2.el8ost.src", "product": { "name": "python-flask-1:1.0.2-2.el8ost.src", "product_id": "python-flask-1:1.0.2-2.el8ost.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-flask@1.0.2-2.el8ost?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "ovirt-cockpit-sso-0:0.1.4-1.el8ev.src", "product": { "name": "ovirt-cockpit-sso-0:0.1.4-1.el8ev.src", "product_id": "ovirt-cockpit-sso-0:0.1.4-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-cockpit-sso@0.1.4-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ansible-runner-service-0:1.0.2-1.el8ev.src", "product": { "name": "ansible-runner-service-0:1.0.2-1.el8ev.src", "product_id": "ansible-runner-service-0:1.0.2-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ansible-runner-service@1.0.2-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "openstack-java-sdk-0:3.2.9-1.el8ev.src", "product": { "name": "openstack-java-sdk-0:3.2.9-1.el8ev.src", "product_id": "openstack-java-sdk-0:3.2.9-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openstack-java-sdk@3.2.9-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.src", "product": { "name": "ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.src", "product_id": "ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-fast-forward-upgrade@1.1.6-0.el8ev?arch=src" } } }, { "category": "product_version", "name": "engine-db-query-0:1.6.1-1.el8ev.src", "product": { "name": "engine-db-query-0:1.6.1-1.el8ev.src", "product_id": "engine-db-query-0:1.6.1-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/engine-db-query@1.6.1-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "rhv-log-collector-analyzer-0:1.0.2-1.el8ev.src", "product": { "name": "rhv-log-collector-analyzer-0:1.0.2-1.el8ev.src", "product_id": "rhv-log-collector-analyzer-0:1.0.2-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhv-log-collector-analyzer@1.0.2-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-engine-metrics-0:1.4.1.1-1.el8ev.src", "product": { "name": "ovirt-engine-metrics-0:1.4.1.1-1.el8ev.src", "product_id": "ovirt-engine-metrics-0:1.4.1.1-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-metrics@1.4.1.1-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "apache-sshd-0:2.5.1-1.el8ev.src", "product": { "name": "apache-sshd-0:2.5.1-1.el8ev.src", "product_id": "apache-sshd-0:2.5.1-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-sshd@2.5.1-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "rhvm-branding-rhv-0:4.4.4-1.el8ev.src", "product": { "name": "rhvm-branding-rhv-0:4.4.4-1.el8ev.src", "product_id": "rhvm-branding-rhv-0:4.4.4-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhvm-branding-rhv@4.4.4-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-engine-dwh-0:4.4.1.2-1.el8ev.src", "product": { "name": "ovirt-engine-dwh-0:4.4.1.2-1.el8ev.src", "product_id": "ovirt-engine-dwh-0:4.4.1.2-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-dwh@4.4.1.2-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-web-ui-0:1.6.3-1.el8ev.src", "product": { "name": "ovirt-web-ui-0:1.6.3-1.el8ev.src", "product_id": "ovirt-web-ui-0:1.6.3-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-web-ui@1.6.3-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src", "product": { "name": "ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src", "product_id": "ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.2.2-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-engine-0:4.4.1.8-0.7.el8ev.src", "product": { "name": "ovirt-engine-0:4.4.1.8-0.7.el8ev.src", "product_id": "ovirt-engine-0:4.4.1.8-0.7.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine@4.4.1.8-0.7.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-log-collector-0:4.4.2-1.el8ev.src", "product": { "name": "ovirt-log-collector-0:4.4.2-1.el8ev.src", "product_id": "ovirt-log-collector-0:4.4.2-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-log-collector@4.4.2-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "apache-commons-configuration-0:1.10-1.el8ev.src", "product": { "name": "apache-commons-configuration-0:1.10-1.el8ev.src", "product_id": "apache-commons-configuration-0:1.10-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-commons-configuration@1.10-1.el8ev?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "python3-m2crypto-0:0.35.2-5.el8ev.x86_64", "product": { "name": "python3-m2crypto-0:0.35.2-5.el8ev.x86_64", "product_id": "python3-m2crypto-0:0.35.2-5.el8ev.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-m2crypto@0.35.2-5.el8ev?arch=x86_64" } } }, { "category": "product_version", "name": "m2crypto-debugsource-0:0.35.2-5.el8ev.x86_64", "product": { "name": "m2crypto-debugsource-0:0.35.2-5.el8ev.x86_64", "product_id": "m2crypto-debugsource-0:0.35.2-5.el8ev.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/m2crypto-debugsource@0.35.2-5.el8ev?arch=x86_64" } } }, { "category": "product_version", "name": "python3-m2crypto-debuginfo-0:0.35.2-5.el8ev.x86_64", "product": { "name": "python3-m2crypto-debuginfo-0:0.35.2-5.el8ev.x86_64", "product_id": "python3-m2crypto-debuginfo-0:0.35.2-5.el8ev.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-m2crypto-debuginfo@0.35.2-5.el8ev?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "ansible-runner-0:1.4.5-1.el8ar.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.noarch" }, "product_reference": "ansible-runner-0:1.4.5-1.el8ar.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ansible-runner-0:1.4.5-1.el8ar.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.src" }, "product_reference": "ansible-runner-0:1.4.5-1.el8ar.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ansible-runner-service-0:1.0.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.noarch" }, "product_reference": "ansible-runner-service-0:1.0.2-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ansible-runner-service-0:1.0.2-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.src" }, "product_reference": "ansible-runner-service-0:1.0.2-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-collections4-0:4.4-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.noarch" }, "product_reference": "apache-commons-collections4-0:4.4-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-collections4-0:4.4-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.src" }, "product_reference": "apache-commons-collections4-0:4.4-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-collections4-javadoc-0:4.4-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:apache-commons-collections4-javadoc-0:4.4-1.el8ev.noarch" }, "product_reference": "apache-commons-collections4-javadoc-0:4.4-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-compress-0:1.18-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.noarch" }, "product_reference": "apache-commons-compress-0:1.18-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-compress-0:1.18-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.src" }, "product_reference": "apache-commons-compress-0:1.18-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-compress-javadoc-0:1.18-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.18-1.el8ev.noarch" }, "product_reference": "apache-commons-compress-javadoc-0:1.18-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-configuration-0:1.10-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.noarch" }, "product_reference": "apache-commons-configuration-0:1.10-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-configuration-0:1.10-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.src" }, "product_reference": "apache-commons-configuration-0:1.10-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-jexl-0:2.1.1-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.noarch" }, "product_reference": "apache-commons-jexl-0:2.1.1-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-jexl-0:2.1.1-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.src" }, "product_reference": "apache-commons-jexl-0:2.1.1-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-jexl-javadoc-0:2.1.1-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:apache-commons-jexl-javadoc-0:2.1.1-1.el8ev.noarch" }, "product_reference": "apache-commons-jexl-javadoc-0:2.1.1-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-jxpath-0:1.3-29.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.noarch" }, "product_reference": "apache-commons-jxpath-0:1.3-29.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-jxpath-0:1.3-29.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.src" }, "product_reference": "apache-commons-jxpath-0:1.3-29.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-jxpath-javadoc-0:1.3-29.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:apache-commons-jxpath-javadoc-0:1.3-29.el8ev.noarch" }, "product_reference": "apache-commons-jxpath-javadoc-0:1.3-29.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-vfs-0:2.4.1-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.noarch" }, "product_reference": "apache-commons-vfs-0:2.4.1-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-vfs-0:2.4.1-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.src" }, "product_reference": "apache-commons-vfs-0:2.4.1-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-vfs-ant-0:2.4.1-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:apache-commons-vfs-ant-0:2.4.1-1.el8ev.noarch" }, "product_reference": "apache-commons-vfs-ant-0:2.4.1-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-vfs-examples-0:2.4.1-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:apache-commons-vfs-examples-0:2.4.1-1.el8ev.noarch" }, "product_reference": "apache-commons-vfs-examples-0:2.4.1-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-vfs-javadoc-0:2.4.1-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:apache-commons-vfs-javadoc-0:2.4.1-1.el8ev.noarch" }, "product_reference": "apache-commons-vfs-javadoc-0:2.4.1-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "apache-sshd-0:2.5.1-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.noarch" }, "product_reference": "apache-sshd-0:2.5.1-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "apache-sshd-0:2.5.1-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.src" }, "product_reference": "apache-sshd-0:2.5.1-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "apache-sshd-javadoc-0:2.5.1-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:apache-sshd-javadoc-0:2.5.1-1.el8ev.noarch" }, "product_reference": "apache-sshd-javadoc-0:2.5.1-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ebay-cors-filter-0:1.0.1-4.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.noarch" }, "product_reference": "ebay-cors-filter-0:1.0.1-4.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ebay-cors-filter-0:1.0.1-4.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.src" }, "product_reference": "ebay-cors-filter-0:1.0.1-4.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ed25519-java-0:0.3.0-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.noarch" }, "product_reference": "ed25519-java-0:0.3.0-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ed25519-java-0:0.3.0-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.src" }, "product_reference": "ed25519-java-0:0.3.0-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ed25519-java-javadoc-0:0.3.0-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ed25519-java-javadoc-0:0.3.0-1.el8ev.noarch" }, "product_reference": "ed25519-java-javadoc-0:0.3.0-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "engine-db-query-0:1.6.1-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.noarch" }, "product_reference": "engine-db-query-0:1.6.1-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "engine-db-query-0:1.6.1-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.src" }, "product_reference": "engine-db-query-0:1.6.1-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "java-client-kubevirt-0:0.5.0-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.noarch" }, "product_reference": "java-client-kubevirt-0:0.5.0-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "java-client-kubevirt-0:0.5.0-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.src" }, "product_reference": "java-client-kubevirt-0:0.5.0-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "log4j12-0:1.2.17-22.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.noarch" }, "product_reference": "log4j12-0:1.2.17-22.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "log4j12-0:1.2.17-22.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.src" }, "product_reference": "log4j12-0:1.2.17-22.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "log4j12-javadoc-0:1.2.17-22.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:log4j12-javadoc-0:1.2.17-22.el8ev.noarch" }, "product_reference": "log4j12-javadoc-0:1.2.17-22.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "m2crypto-0:0.35.2-5.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:m2crypto-0:0.35.2-5.el8ev.src" }, "product_reference": "m2crypto-0:0.35.2-5.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "m2crypto-debugsource-0:0.35.2-5.el8ev.x86_64 as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:m2crypto-debugsource-0:0.35.2-5.el8ev.x86_64" }, "product_reference": "m2crypto-debugsource-0:0.35.2-5.el8ev.x86_64", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "makeself-0:2.4.0-4.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.noarch" }, "product_reference": "makeself-0:2.4.0-4.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "makeself-0:2.4.0-4.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.src" }, "product_reference": "makeself-0:2.4.0-4.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "novnc-0:1.1.0-1.el8ost.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.noarch" }, "product_reference": "novnc-0:1.1.0-1.el8ost.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "novnc-0:1.1.0-1.el8ost.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.src" }, "product_reference": "novnc-0:1.1.0-1.el8ost.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-java-ceilometer-client-0:3.2.9-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:openstack-java-ceilometer-client-0:3.2.9-1.el8ev.noarch" }, "product_reference": "openstack-java-ceilometer-client-0:3.2.9-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-java-ceilometer-model-0:3.2.9-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:openstack-java-ceilometer-model-0:3.2.9-1.el8ev.noarch" }, "product_reference": "openstack-java-ceilometer-model-0:3.2.9-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-java-cinder-client-0:3.2.9-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:openstack-java-cinder-client-0:3.2.9-1.el8ev.noarch" }, "product_reference": "openstack-java-cinder-client-0:3.2.9-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-java-cinder-model-0:3.2.9-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:openstack-java-cinder-model-0:3.2.9-1.el8ev.noarch" }, "product_reference": "openstack-java-cinder-model-0:3.2.9-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-java-client-0:3.2.9-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:openstack-java-client-0:3.2.9-1.el8ev.noarch" }, "product_reference": "openstack-java-client-0:3.2.9-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-java-glance-client-0:3.2.9-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:openstack-java-glance-client-0:3.2.9-1.el8ev.noarch" }, "product_reference": "openstack-java-glance-client-0:3.2.9-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-java-glance-model-0:3.2.9-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:openstack-java-glance-model-0:3.2.9-1.el8ev.noarch" }, "product_reference": "openstack-java-glance-model-0:3.2.9-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-java-heat-client-0:3.2.9-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:openstack-java-heat-client-0:3.2.9-1.el8ev.noarch" }, "product_reference": "openstack-java-heat-client-0:3.2.9-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-java-heat-model-0:3.2.9-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:openstack-java-heat-model-0:3.2.9-1.el8ev.noarch" }, "product_reference": "openstack-java-heat-model-0:3.2.9-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-java-javadoc-0:3.2.9-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:openstack-java-javadoc-0:3.2.9-1.el8ev.noarch" }, "product_reference": "openstack-java-javadoc-0:3.2.9-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-java-keystone-client-0:3.2.9-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:openstack-java-keystone-client-0:3.2.9-1.el8ev.noarch" }, "product_reference": "openstack-java-keystone-client-0:3.2.9-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-java-keystone-model-0:3.2.9-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:openstack-java-keystone-model-0:3.2.9-1.el8ev.noarch" }, "product_reference": "openstack-java-keystone-model-0:3.2.9-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-java-nova-client-0:3.2.9-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:openstack-java-nova-client-0:3.2.9-1.el8ev.noarch" }, "product_reference": "openstack-java-nova-client-0:3.2.9-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-java-nova-model-0:3.2.9-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:openstack-java-nova-model-0:3.2.9-1.el8ev.noarch" }, "product_reference": "openstack-java-nova-model-0:3.2.9-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-java-quantum-client-0:3.2.9-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:openstack-java-quantum-client-0:3.2.9-1.el8ev.noarch" }, "product_reference": "openstack-java-quantum-client-0:3.2.9-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-java-quantum-model-0:3.2.9-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:openstack-java-quantum-model-0:3.2.9-1.el8ev.noarch" }, "product_reference": "openstack-java-quantum-model-0:3.2.9-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-java-resteasy-connector-0:3.2.9-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:openstack-java-resteasy-connector-0:3.2.9-1.el8ev.noarch" }, "product_reference": "openstack-java-resteasy-connector-0:3.2.9-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-java-sdk-0:3.2.9-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:openstack-java-sdk-0:3.2.9-1.el8ev.src" }, "product_reference": "openstack-java-sdk-0:3.2.9-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-java-swift-client-0:3.2.9-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:openstack-java-swift-client-0:3.2.9-1.el8ev.noarch" }, "product_reference": "openstack-java-swift-client-0:3.2.9-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-java-swift-model-0:3.2.9-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:openstack-java-swift-model-0:3.2.9-1.el8ev.noarch" }, "product_reference": "openstack-java-swift-model-0:3.2.9-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-cockpit-sso-0:0.1.4-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.noarch" }, "product_reference": "ovirt-cockpit-sso-0:0.1.4-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-cockpit-sso-0:0.1.4-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.src" }, "product_reference": "ovirt-cockpit-sso-0:0.1.4-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch" }, "product_reference": "ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-0:4.4.1.8-0.7.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.src" }, "product_reference": "ovirt-engine-0:4.4.1.8-0.7.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-api-explorer-0:0.0.6-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.noarch" }, "product_reference": "ovirt-engine-api-explorer-0:0.0.6-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-api-explorer-0:0.0.6-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.src" }, "product_reference": "ovirt-engine-api-explorer-0:0.0.6-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch" }, "product_reference": "ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-dbscripts-0:4.4.1.8-0.7.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.1.8-0.7.el8ev.noarch" }, "product_reference": "ovirt-engine-dbscripts-0:4.4.1.8-0.7.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-dwh-0:4.4.1.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.noarch" }, "product_reference": "ovirt-engine-dwh-0:4.4.1.2-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-dwh-0:4.4.1.2-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.src" }, "product_reference": "ovirt-engine-dwh-0:4.4.1.2-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-dwh-grafana-integration-setup-0:4.4.1.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.1.2-1.el8ev.noarch" }, "product_reference": "ovirt-engine-dwh-grafana-integration-setup-0:4.4.1.2-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-dwh-setup-0:4.4.1.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.1.2-1.el8ev.noarch" }, "product_reference": "ovirt-engine-dwh-setup-0:4.4.1.2-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.noarch" }, "product_reference": "ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.src" }, "product_reference": "ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.noarch" }, "product_reference": "ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.src" }, "product_reference": "ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-extension-aaa-ldap-setup-0:1.4.0-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.0-1.el8ev.noarch" }, "product_reference": "ovirt-engine-extension-aaa-ldap-setup-0:1.4.0-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.noarch" }, "product_reference": "ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.src" }, "product_reference": "ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.noarch" }, "product_reference": "ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.src" }, "product_reference": "ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-extensions-api-0:1.0.1-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.noarch" }, "product_reference": "ovirt-engine-extensions-api-0:1.0.1-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-extensions-api-0:1.0.1-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.src" }, "product_reference": "ovirt-engine-extensions-api-0:1.0.1-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-extensions-api-javadoc-0:1.0.1-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-extensions-api-javadoc-0:1.0.1-1.el8ev.noarch" }, "product_reference": "ovirt-engine-extensions-api-javadoc-0:1.0.1-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-health-check-bundler-0:4.4.1.8-0.7.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.1.8-0.7.el8ev.noarch" }, "product_reference": "ovirt-engine-health-check-bundler-0:4.4.1.8-0.7.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-metrics-0:1.4.1.1-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.noarch" }, "product_reference": "ovirt-engine-metrics-0:1.4.1.1-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-metrics-0:1.4.1.1-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.src" }, "product_reference": "ovirt-engine-metrics-0:1.4.1.1-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-restapi-0:4.4.1.8-0.7.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.1.8-0.7.el8ev.noarch" }, "product_reference": "ovirt-engine-restapi-0:4.4.1.8-0.7.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-0:4.4.1.8-0.7.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.1.8-0.7.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-0:4.4.1.8-0.7.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-base-0:4.4.1.8-0.7.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.1.8-0.7.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-base-0:4.4.1.8-0.7.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-plugin-cinderlib-0:4.4.1.8-0.7.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.1.8-0.7.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-plugin-cinderlib-0:4.4.1.8-0.7.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-plugin-imageio-0:4.4.1.8-0.7.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.1.8-0.7.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-plugin-imageio-0:4.4.1.8-0.7.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-plugin-ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-plugin-ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.1.8-0.7.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.1.8-0.7.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.1.8-0.7.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-plugin-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-plugin-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-tools-0:4.4.1.8-0.7.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.1.8-0.7.el8ev.noarch" }, "product_reference": "ovirt-engine-tools-0:4.4.1.8-0.7.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-tools-backup-0:4.4.1.8-0.7.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.1.8-0.7.el8ev.noarch" }, "product_reference": "ovirt-engine-tools-backup-0:4.4.1.8-0.7.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch" }, "product_reference": "ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src" }, "product_reference": "ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch" }, "product_reference": "ovirt-engine-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-webadmin-portal-0:4.4.1.8-0.7.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.1.8-0.7.el8ev.noarch" }, "product_reference": "ovirt-engine-webadmin-portal-0:4.4.1.8-0.7.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch" }, "product_reference": "ovirt-engine-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.noarch" }, "product_reference": "ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.src" }, "product_reference": "ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-log-collector-0:4.4.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.noarch" }, "product_reference": "ovirt-log-collector-0:4.4.2-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-log-collector-0:4.4.2-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.src" }, "product_reference": "ovirt-log-collector-0:4.4.2-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-scheduler-proxy-0:0.1.9-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.noarch" }, "product_reference": "ovirt-scheduler-proxy-0:0.1.9-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-scheduler-proxy-0:0.1.9-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.src" }, "product_reference": "ovirt-scheduler-proxy-0:0.1.9-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-web-ui-0:1.6.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.noarch" }, "product_reference": "ovirt-web-ui-0:1.6.3-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-web-ui-0:1.6.3-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.src" }, "product_reference": "ovirt-web-ui-0:1.6.3-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python-aniso8601-0:0.82-4.el8ost.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python-aniso8601-0:0.82-4.el8ost.src" }, "product_reference": "python-aniso8601-0:0.82-4.el8ost.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python-flask-1:1.0.2-2.el8ost.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python-flask-1:1.0.2-2.el8ost.src" }, "product_reference": "python-flask-1:1.0.2-2.el8ost.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python-flask-doc-1:1.0.2-2.el8ost.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python-flask-doc-1:1.0.2-2.el8ost.noarch" }, "product_reference": "python-flask-doc-1:1.0.2-2.el8ost.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python-flask-restful-0:0.3.6-8.el8ost.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python-flask-restful-0:0.3.6-8.el8ost.src" }, "product_reference": "python-flask-restful-0:0.3.6-8.el8ost.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python-netaddr-0:0.7.19-8.1.el8ost.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python-netaddr-0:0.7.19-8.1.el8ost.src" }, "product_reference": "python-netaddr-0:0.7.19-8.1.el8ost.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python-notario-0:0.0.16-2.el8cp.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python-notario-0:0.0.16-2.el8cp.src" }, "product_reference": "python-notario-0:0.0.16-2.el8cp.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.src" }, "product_reference": "python-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python-pbr-0:5.1.2-2.el8ost.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python-pbr-0:5.1.2-2.el8ost.src" }, "product_reference": "python-pbr-0:5.1.2-2.el8ost.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python-six-0:1.12.0-1.el8ost.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python-six-0:1.12.0-1.el8ost.src" }, "product_reference": "python-six-0:1.12.0-1.el8ost.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python-websocket-client-0:0.54.0-1.el8ost.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python-websocket-client-0:0.54.0-1.el8ost.src" }, "product_reference": "python-websocket-client-0:0.54.0-1.el8ost.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python-werkzeug-0:0.16.0-1.el8ost.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python-werkzeug-0:0.16.0-1.el8ost.src" }, "product_reference": "python-werkzeug-0:0.16.0-1.el8ost.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python2-netaddr-0:0.7.19-8.1.el8ost.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python2-netaddr-0:0.7.19-8.1.el8ost.noarch" }, "product_reference": "python2-netaddr-0:0.7.19-8.1.el8ost.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python2-pbr-0:5.1.2-2.el8ost.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python2-pbr-0:5.1.2-2.el8ost.noarch" }, "product_reference": "python2-pbr-0:5.1.2-2.el8ost.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python2-six-0:1.12.0-1.el8ost.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python2-six-0:1.12.0-1.el8ost.noarch" }, "product_reference": "python2-six-0:1.12.0-1.el8ost.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-aniso8601-0:0.82-4.el8ost.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python3-aniso8601-0:0.82-4.el8ost.noarch" }, "product_reference": "python3-aniso8601-0:0.82-4.el8ost.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-ansible-runner-0:1.4.5-1.el8ar.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python3-ansible-runner-0:1.4.5-1.el8ar.noarch" }, "product_reference": "python3-ansible-runner-0:1.4.5-1.el8ar.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-flask-1:1.0.2-2.el8ost.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python3-flask-1:1.0.2-2.el8ost.noarch" }, "product_reference": "python3-flask-1:1.0.2-2.el8ost.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-flask-restful-0:0.3.6-8.el8ost.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python3-flask-restful-0:0.3.6-8.el8ost.noarch" }, "product_reference": "python3-flask-restful-0:0.3.6-8.el8ost.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-m2crypto-0:0.35.2-5.el8ev.x86_64 as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python3-m2crypto-0:0.35.2-5.el8ev.x86_64" }, "product_reference": "python3-m2crypto-0:0.35.2-5.el8ev.x86_64", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-m2crypto-debuginfo-0:0.35.2-5.el8ev.x86_64 as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python3-m2crypto-debuginfo-0:0.35.2-5.el8ev.x86_64" }, "product_reference": "python3-m2crypto-debuginfo-0:0.35.2-5.el8ev.x86_64", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-netaddr-0:0.7.19-8.1.el8ost.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python3-netaddr-0:0.7.19-8.1.el8ost.noarch" }, "product_reference": "python3-netaddr-0:0.7.19-8.1.el8ost.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-notario-0:0.0.16-2.el8cp.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python3-notario-0:0.0.16-2.el8cp.noarch" }, "product_reference": "python3-notario-0:0.0.16-2.el8cp.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-ovirt-engine-lib-0:4.4.1.8-0.7.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.1.8-0.7.el8ev.noarch" }, "product_reference": "python3-ovirt-engine-lib-0:4.4.1.8-0.7.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python3-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.noarch" }, "product_reference": "python3-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-pbr-0:5.1.2-2.el8ost.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python3-pbr-0:5.1.2-2.el8ost.noarch" }, "product_reference": "python3-pbr-0:5.1.2-2.el8ost.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-six-0:1.12.0-1.el8ost.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python3-six-0:1.12.0-1.el8ost.noarch" }, "product_reference": "python3-six-0:1.12.0-1.el8ost.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-websocket-client-0:0.54.0-1.el8ost.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python3-websocket-client-0:0.54.0-1.el8ost.noarch" }, "product_reference": "python3-websocket-client-0:0.54.0-1.el8ost.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-werkzeug-0:0.16.0-1.el8ost.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python3-werkzeug-0:0.16.0-1.el8ost.noarch" }, "product_reference": "python3-werkzeug-0:0.16.0-1.el8ost.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-werkzeug-doc-0:0.16.0-1.el8ost.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python3-werkzeug-doc-0:0.16.0-1.el8ost.noarch" }, "product_reference": "python3-werkzeug-doc-0:0.16.0-1.el8ost.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "rhv-log-collector-analyzer-0:1.0.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.noarch" }, "product_reference": "rhv-log-collector-analyzer-0:1.0.2-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "rhv-log-collector-analyzer-0:1.0.2-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.src" }, "product_reference": "rhv-log-collector-analyzer-0:1.0.2-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "rhvm-0:4.4.1.8-0.7.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:rhvm-0:4.4.1.8-0.7.el8ev.noarch" }, "product_reference": "rhvm-0:4.4.1.8-0.7.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "rhvm-branding-rhv-0:4.4.4-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.noarch" }, "product_reference": "rhvm-branding-rhv-0:4.4.4-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "rhvm-branding-rhv-0:4.4.4-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.src" }, "product_reference": "rhvm-branding-rhv-0:4.4.4-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "rhvm-dependencies-0:4.4.0-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.noarch" }, "product_reference": "rhvm-dependencies-0:4.4.0-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "rhvm-dependencies-0:4.4.0-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.src" }, "product_reference": "rhvm-dependencies-0:4.4.0-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "rhvm-setup-plugins-0:4.4.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.noarch" }, "product_reference": "rhvm-setup-plugins-0:4.4.2-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "rhvm-setup-plugins-0:4.4.2-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.src" }, "product_reference": "rhvm-setup-plugins-0:4.4.2-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "snmp4j-0:2.4.1-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.noarch" }, "product_reference": "snmp4j-0:2.4.1-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "snmp4j-0:2.4.1-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.src" }, "product_reference": "snmp4j-0:2.4.1-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "snmp4j-javadoc-0:2.4.1-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:snmp4j-javadoc-0:2.4.1-1.el8ev.noarch" }, "product_reference": "snmp4j-javadoc-0:2.4.1-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "unboundid-ldapsdk-0:4.0.14-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.noarch" }, "product_reference": "unboundid-ldapsdk-0:4.0.14-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "unboundid-ldapsdk-0:4.0.14-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.src" }, "product_reference": "unboundid-ldapsdk-0:4.0.14-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "unboundid-ldapsdk-javadoc-0:4.0.14-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:4.0.14-1.el8ev.noarch" }, "product_reference": "unboundid-ldapsdk-javadoc-0:4.0.14-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "vdsm-jsonrpc-java-0:1.5.4-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.noarch" }, "product_reference": "vdsm-jsonrpc-java-0:1.5.4-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "vdsm-jsonrpc-java-0:1.5.4-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.src" }, "product_reference": "vdsm-jsonrpc-java-0:1.5.4-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ws-commons-util-0:1.0.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.noarch" }, "product_reference": "ws-commons-util-0:1.0.2-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ws-commons-util-0:1.0.2-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.src" }, "product_reference": "ws-commons-util-0:1.0.2-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ws-commons-util-javadoc-0:1.0.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ws-commons-util-javadoc-0:1.0.2-1.el8ev.noarch" }, "product_reference": "ws-commons-util-javadoc-0:1.0.2-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "xmlrpc-0:3.1.3-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:xmlrpc-0:3.1.3-1.el8ev.src" }, "product_reference": "xmlrpc-0:3.1.3-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "xmlrpc-client-0:3.1.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:xmlrpc-client-0:3.1.3-1.el8ev.noarch" }, "product_reference": "xmlrpc-client-0:3.1.3-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "xmlrpc-common-0:3.1.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:xmlrpc-common-0:3.1.3-1.el8ev.noarch" }, "product_reference": "xmlrpc-common-0:3.1.3-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "xmlrpc-javadoc-0:3.1.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:xmlrpc-javadoc-0:3.1.3-1.el8ev.noarch" }, "product_reference": "xmlrpc-javadoc-0:3.1.3-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "xmlrpc-server-0:3.1.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:xmlrpc-server-0:3.1.3-1.el8ev.noarch" }, "product_reference": "xmlrpc-server-0:3.1.3-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" } ] }, "vulnerabilities": [ { "cve": "CVE-2017-18635", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-10-25T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.src", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-javadoc-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-javadoc-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jxpath-javadoc-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-vfs-ant-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-examples-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-javadoc-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.src", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.noarch", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.src", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.src", "8Base-RHV-S-4.4:log4j12-javadoc-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:m2crypto-0:0.35.2-5.el8ev.src", "8Base-RHV-S-4.4:m2crypto-debugsource-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.noarch", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.src", "8Base-RHV-S-4.4:openstack-java-ceilometer-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-ceilometer-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-javadoc-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-resteasy-connector-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-sdk-0:3.2.9-1.el8ev.src", "8Base-RHV-S-4.4:openstack-java-swift-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-swift-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-javadoc-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.src", "8Base-RHV-S-4.4:python-aniso8601-0:0.82-4.el8ost.src", "8Base-RHV-S-4.4:python-flask-1:1.0.2-2.el8ost.src", "8Base-RHV-S-4.4:python-flask-doc-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python-flask-restful-0:0.3.6-8.el8ost.src", "8Base-RHV-S-4.4:python-netaddr-0:0.7.19-8.1.el8ost.src", "8Base-RHV-S-4.4:python-notario-0:0.0.16-2.el8cp.src", "8Base-RHV-S-4.4:python-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.src", "8Base-RHV-S-4.4:python-pbr-0:5.1.2-2.el8ost.src", "8Base-RHV-S-4.4:python-six-0:1.12.0-1.el8ost.src", "8Base-RHV-S-4.4:python-websocket-client-0:0.54.0-1.el8ost.src", "8Base-RHV-S-4.4:python-werkzeug-0:0.16.0-1.el8ost.src", "8Base-RHV-S-4.4:python2-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python2-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python2-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-aniso8601-0:0.82-4.el8ost.noarch", "8Base-RHV-S-4.4:python3-ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:python3-flask-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-flask-restful-0:0.3.6-8.el8ost.noarch", "8Base-RHV-S-4.4:python3-m2crypto-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-m2crypto-debuginfo-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python3-notario-0:0.0.16-2.el8cp.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.noarch", "8Base-RHV-S-4.4:python3-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-websocket-client-0:0.54.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-doc-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-javadoc-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-0:3.1.3-1.el8ev.src", "8Base-RHV-S-4.4:xmlrpc-client-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-common-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-javadoc-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-server-0:3.1.3-1.el8ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1765660" } ], "notes": [ { "category": "description", "text": "An XSS vulnerability was discovered in noVNC in which arbitrary HTML could be injected into the noVNC web page. An attacker having access to a VNC server could use target host values in a crafted URL to gain access to secure information (such as VM tokens).", "title": "Vulnerability description" }, { "category": "summary", "text": "novnc: XSS vulnerability via the messages propagated to the status field", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.noarch", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.src" ], "known_not_affected": [ "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.src", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-javadoc-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-javadoc-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jxpath-javadoc-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-vfs-ant-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-examples-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-javadoc-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.src", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.noarch", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.src", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.src", "8Base-RHV-S-4.4:log4j12-javadoc-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:m2crypto-0:0.35.2-5.el8ev.src", "8Base-RHV-S-4.4:m2crypto-debugsource-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.noarch", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.src", "8Base-RHV-S-4.4:openstack-java-ceilometer-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-ceilometer-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-javadoc-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-resteasy-connector-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-sdk-0:3.2.9-1.el8ev.src", "8Base-RHV-S-4.4:openstack-java-swift-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-swift-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-javadoc-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.src", "8Base-RHV-S-4.4:python-aniso8601-0:0.82-4.el8ost.src", "8Base-RHV-S-4.4:python-flask-1:1.0.2-2.el8ost.src", "8Base-RHV-S-4.4:python-flask-doc-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python-flask-restful-0:0.3.6-8.el8ost.src", "8Base-RHV-S-4.4:python-netaddr-0:0.7.19-8.1.el8ost.src", "8Base-RHV-S-4.4:python-notario-0:0.0.16-2.el8cp.src", "8Base-RHV-S-4.4:python-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.src", "8Base-RHV-S-4.4:python-pbr-0:5.1.2-2.el8ost.src", "8Base-RHV-S-4.4:python-six-0:1.12.0-1.el8ost.src", "8Base-RHV-S-4.4:python-websocket-client-0:0.54.0-1.el8ost.src", "8Base-RHV-S-4.4:python-werkzeug-0:0.16.0-1.el8ost.src", "8Base-RHV-S-4.4:python2-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python2-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python2-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-aniso8601-0:0.82-4.el8ost.noarch", "8Base-RHV-S-4.4:python3-ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:python3-flask-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-flask-restful-0:0.3.6-8.el8ost.noarch", "8Base-RHV-S-4.4:python3-m2crypto-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-m2crypto-debuginfo-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python3-notario-0:0.0.16-2.el8cp.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.noarch", "8Base-RHV-S-4.4:python3-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-websocket-client-0:0.54.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-doc-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-javadoc-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-0:3.1.3-1.el8ev.src", "8Base-RHV-S-4.4:xmlrpc-client-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-common-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-javadoc-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-server-0:3.1.3-1.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-18635" }, { "category": "external", "summary": "RHBZ#1765660", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1765660" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-18635", "url": "https://www.cve.org/CVERecord?id=CVE-2017-18635" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18635", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18635" }, { "category": "external", "summary": "https://github.com/novnc/noVNC/releases/tag/v0.6.2", "url": "https://github.com/novnc/noVNC/releases/tag/v0.6.2" } ], "release_date": "2019-01-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-08-04T14:02:29+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.noarch", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3247" }, { "category": "workaround", "details": "There is no known mitigation for this issue, the flaw can only be resolved by applying updates.", "product_ids": [ "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.src", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-javadoc-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-javadoc-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jxpath-javadoc-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-vfs-ant-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-examples-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-javadoc-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.src", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.noarch", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.src", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.src", "8Base-RHV-S-4.4:log4j12-javadoc-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:m2crypto-0:0.35.2-5.el8ev.src", "8Base-RHV-S-4.4:m2crypto-debugsource-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.noarch", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.src", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.noarch", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.src", "8Base-RHV-S-4.4:openstack-java-ceilometer-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-ceilometer-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-javadoc-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-resteasy-connector-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-sdk-0:3.2.9-1.el8ev.src", "8Base-RHV-S-4.4:openstack-java-swift-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-swift-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-javadoc-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.src", "8Base-RHV-S-4.4:python-aniso8601-0:0.82-4.el8ost.src", "8Base-RHV-S-4.4:python-flask-1:1.0.2-2.el8ost.src", "8Base-RHV-S-4.4:python-flask-doc-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python-flask-restful-0:0.3.6-8.el8ost.src", "8Base-RHV-S-4.4:python-netaddr-0:0.7.19-8.1.el8ost.src", "8Base-RHV-S-4.4:python-notario-0:0.0.16-2.el8cp.src", "8Base-RHV-S-4.4:python-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.src", "8Base-RHV-S-4.4:python-pbr-0:5.1.2-2.el8ost.src", "8Base-RHV-S-4.4:python-six-0:1.12.0-1.el8ost.src", "8Base-RHV-S-4.4:python-websocket-client-0:0.54.0-1.el8ost.src", "8Base-RHV-S-4.4:python-werkzeug-0:0.16.0-1.el8ost.src", "8Base-RHV-S-4.4:python2-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python2-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python2-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-aniso8601-0:0.82-4.el8ost.noarch", "8Base-RHV-S-4.4:python3-ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:python3-flask-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-flask-restful-0:0.3.6-8.el8ost.noarch", "8Base-RHV-S-4.4:python3-m2crypto-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-m2crypto-debuginfo-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python3-notario-0:0.0.16-2.el8cp.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.noarch", "8Base-RHV-S-4.4:python3-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-websocket-client-0:0.54.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-doc-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-javadoc-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-0:3.1.3-1.el8ev.src", "8Base-RHV-S-4.4:xmlrpc-client-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-common-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-javadoc-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-server-0:3.1.3-1.el8ev.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.noarch", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "novnc: XSS vulnerability via the messages propagated to the status field" }, { "cve": "CVE-2019-8331", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-02-20T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.src", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-javadoc-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-javadoc-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jxpath-javadoc-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-vfs-ant-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-examples-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-javadoc-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.src", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.noarch", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.src", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.src", "8Base-RHV-S-4.4:log4j12-javadoc-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:m2crypto-0:0.35.2-5.el8ev.src", "8Base-RHV-S-4.4:m2crypto-debugsource-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.noarch", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.src", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.noarch", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.src", "8Base-RHV-S-4.4:openstack-java-ceilometer-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-ceilometer-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-javadoc-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-resteasy-connector-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-sdk-0:3.2.9-1.el8ev.src", "8Base-RHV-S-4.4:openstack-java-swift-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-swift-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-javadoc-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.src", "8Base-RHV-S-4.4:python-aniso8601-0:0.82-4.el8ost.src", "8Base-RHV-S-4.4:python-flask-1:1.0.2-2.el8ost.src", "8Base-RHV-S-4.4:python-flask-doc-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python-flask-restful-0:0.3.6-8.el8ost.src", "8Base-RHV-S-4.4:python-netaddr-0:0.7.19-8.1.el8ost.src", "8Base-RHV-S-4.4:python-notario-0:0.0.16-2.el8cp.src", "8Base-RHV-S-4.4:python-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.src", "8Base-RHV-S-4.4:python-pbr-0:5.1.2-2.el8ost.src", "8Base-RHV-S-4.4:python-six-0:1.12.0-1.el8ost.src", "8Base-RHV-S-4.4:python-websocket-client-0:0.54.0-1.el8ost.src", "8Base-RHV-S-4.4:python-werkzeug-0:0.16.0-1.el8ost.src", "8Base-RHV-S-4.4:python2-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python2-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python2-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-aniso8601-0:0.82-4.el8ost.noarch", "8Base-RHV-S-4.4:python3-ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:python3-flask-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-flask-restful-0:0.3.6-8.el8ost.noarch", "8Base-RHV-S-4.4:python3-m2crypto-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-m2crypto-debuginfo-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python3-notario-0:0.0.16-2.el8cp.noarch", "8Base-RHV-S-4.4:python3-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.noarch", "8Base-RHV-S-4.4:python3-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-websocket-client-0:0.54.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-doc-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-javadoc-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-0:3.1.3-1.el8ev.src", "8Base-RHV-S-4.4:xmlrpc-client-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-common-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-javadoc-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-server-0:3.1.3-1.el8ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1686454" } ], "notes": [ { "category": "description", "text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: XSS in the tooltip or popover data-template attribute", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.4.1.8-0.7.el8ev.noarch" ], "known_not_affected": [ "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.src", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-javadoc-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-javadoc-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jxpath-javadoc-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-vfs-ant-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-examples-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-javadoc-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.src", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.noarch", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.src", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.src", "8Base-RHV-S-4.4:log4j12-javadoc-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:m2crypto-0:0.35.2-5.el8ev.src", "8Base-RHV-S-4.4:m2crypto-debugsource-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.noarch", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.src", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.noarch", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.src", "8Base-RHV-S-4.4:openstack-java-ceilometer-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-ceilometer-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-javadoc-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-resteasy-connector-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-sdk-0:3.2.9-1.el8ev.src", "8Base-RHV-S-4.4:openstack-java-swift-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-swift-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-javadoc-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.src", "8Base-RHV-S-4.4:python-aniso8601-0:0.82-4.el8ost.src", "8Base-RHV-S-4.4:python-flask-1:1.0.2-2.el8ost.src", "8Base-RHV-S-4.4:python-flask-doc-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python-flask-restful-0:0.3.6-8.el8ost.src", "8Base-RHV-S-4.4:python-netaddr-0:0.7.19-8.1.el8ost.src", "8Base-RHV-S-4.4:python-notario-0:0.0.16-2.el8cp.src", "8Base-RHV-S-4.4:python-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.src", "8Base-RHV-S-4.4:python-pbr-0:5.1.2-2.el8ost.src", "8Base-RHV-S-4.4:python-six-0:1.12.0-1.el8ost.src", "8Base-RHV-S-4.4:python-websocket-client-0:0.54.0-1.el8ost.src", "8Base-RHV-S-4.4:python-werkzeug-0:0.16.0-1.el8ost.src", "8Base-RHV-S-4.4:python2-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python2-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python2-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-aniso8601-0:0.82-4.el8ost.noarch", "8Base-RHV-S-4.4:python3-ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:python3-flask-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-flask-restful-0:0.3.6-8.el8ost.noarch", "8Base-RHV-S-4.4:python3-m2crypto-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-m2crypto-debuginfo-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python3-notario-0:0.0.16-2.el8cp.noarch", "8Base-RHV-S-4.4:python3-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.noarch", "8Base-RHV-S-4.4:python3-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-websocket-client-0:0.54.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-doc-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-javadoc-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-0:3.1.3-1.el8ev.src", "8Base-RHV-S-4.4:xmlrpc-client-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-common-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-javadoc-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-server-0:3.1.3-1.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-8331" }, { "category": "external", "summary": "RHBZ#1686454", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331", "url": "https://www.cve.org/CVERecord?id=CVE-2019-8331" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331" } ], "release_date": "2019-02-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-08-04T14:02:29+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.4.1.8-0.7.el8ev.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3247" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.4.1.8-0.7.el8ev.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "bootstrap: XSS in the tooltip or popover data-template attribute" }, { "cve": "CVE-2019-10086", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2019-10-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1767483" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Apache Commons BeanUtils, where the class property in PropertyUtilsBean is not suppressed by default. This flaw allows an attacker to access the classloader.", "title": "Vulnerability description" }, { "category": "summary", "text": "apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.src", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-javadoc-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-javadoc-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jxpath-javadoc-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-vfs-ant-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-examples-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-javadoc-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.src", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.noarch", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.src", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.src", "8Base-RHV-S-4.4:log4j12-javadoc-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:m2crypto-0:0.35.2-5.el8ev.src", "8Base-RHV-S-4.4:m2crypto-debugsource-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.noarch", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.src", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.noarch", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.src", "8Base-RHV-S-4.4:openstack-java-ceilometer-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-ceilometer-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-javadoc-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-resteasy-connector-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-sdk-0:3.2.9-1.el8ev.src", "8Base-RHV-S-4.4:openstack-java-swift-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-swift-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-javadoc-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.src", "8Base-RHV-S-4.4:python-aniso8601-0:0.82-4.el8ost.src", "8Base-RHV-S-4.4:python-flask-1:1.0.2-2.el8ost.src", "8Base-RHV-S-4.4:python-flask-doc-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python-flask-restful-0:0.3.6-8.el8ost.src", "8Base-RHV-S-4.4:python-netaddr-0:0.7.19-8.1.el8ost.src", "8Base-RHV-S-4.4:python-notario-0:0.0.16-2.el8cp.src", "8Base-RHV-S-4.4:python-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.src", "8Base-RHV-S-4.4:python-pbr-0:5.1.2-2.el8ost.src", "8Base-RHV-S-4.4:python-six-0:1.12.0-1.el8ost.src", "8Base-RHV-S-4.4:python-websocket-client-0:0.54.0-1.el8ost.src", "8Base-RHV-S-4.4:python-werkzeug-0:0.16.0-1.el8ost.src", "8Base-RHV-S-4.4:python2-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python2-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python2-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-aniso8601-0:0.82-4.el8ost.noarch", "8Base-RHV-S-4.4:python3-ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:python3-flask-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-flask-restful-0:0.3.6-8.el8ost.noarch", "8Base-RHV-S-4.4:python3-m2crypto-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-m2crypto-debuginfo-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python3-notario-0:0.0.16-2.el8cp.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.noarch", "8Base-RHV-S-4.4:python3-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-websocket-client-0:0.54.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-doc-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-javadoc-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-0:3.1.3-1.el8ev.src", "8Base-RHV-S-4.4:xmlrpc-client-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-common-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-javadoc-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-server-0:3.1.3-1.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10086" }, { "category": "external", "summary": "RHBZ#1767483", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1767483" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10086", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10086" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10086", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10086" }, { "category": "external", "summary": "https://commons.apache.org/proper/commons-beanutils/javadocs/v1.9.4/RELEASE-NOTES.txt", "url": "https://commons.apache.org/proper/commons-beanutils/javadocs/v1.9.4/RELEASE-NOTES.txt" } ], "release_date": "2019-08-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-08-04T14:02:29+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.src", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-javadoc-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-javadoc-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jxpath-javadoc-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-vfs-ant-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-examples-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-javadoc-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.src", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.noarch", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.src", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.src", "8Base-RHV-S-4.4:log4j12-javadoc-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:m2crypto-0:0.35.2-5.el8ev.src", "8Base-RHV-S-4.4:m2crypto-debugsource-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.noarch", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.src", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.noarch", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.src", "8Base-RHV-S-4.4:openstack-java-ceilometer-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-ceilometer-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-javadoc-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-resteasy-connector-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-sdk-0:3.2.9-1.el8ev.src", "8Base-RHV-S-4.4:openstack-java-swift-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-swift-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-javadoc-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.src", "8Base-RHV-S-4.4:python-aniso8601-0:0.82-4.el8ost.src", "8Base-RHV-S-4.4:python-flask-1:1.0.2-2.el8ost.src", "8Base-RHV-S-4.4:python-flask-doc-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python-flask-restful-0:0.3.6-8.el8ost.src", "8Base-RHV-S-4.4:python-netaddr-0:0.7.19-8.1.el8ost.src", "8Base-RHV-S-4.4:python-notario-0:0.0.16-2.el8cp.src", "8Base-RHV-S-4.4:python-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.src", "8Base-RHV-S-4.4:python-pbr-0:5.1.2-2.el8ost.src", "8Base-RHV-S-4.4:python-six-0:1.12.0-1.el8ost.src", "8Base-RHV-S-4.4:python-websocket-client-0:0.54.0-1.el8ost.src", "8Base-RHV-S-4.4:python-werkzeug-0:0.16.0-1.el8ost.src", "8Base-RHV-S-4.4:python2-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python2-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python2-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-aniso8601-0:0.82-4.el8ost.noarch", "8Base-RHV-S-4.4:python3-ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:python3-flask-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-flask-restful-0:0.3.6-8.el8ost.noarch", "8Base-RHV-S-4.4:python3-m2crypto-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-m2crypto-debuginfo-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python3-notario-0:0.0.16-2.el8cp.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.noarch", "8Base-RHV-S-4.4:python3-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-websocket-client-0:0.54.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-doc-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-javadoc-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-0:3.1.3-1.el8ev.src", "8Base-RHV-S-4.4:xmlrpc-client-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-common-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-javadoc-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-server-0:3.1.3-1.el8ev.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3247" }, { "category": "workaround", "details": "There is no currently known mitigation for this flaw.", "product_ids": [ "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.src", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-javadoc-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-javadoc-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jxpath-javadoc-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-vfs-ant-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-examples-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-javadoc-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.src", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.noarch", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.src", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.src", "8Base-RHV-S-4.4:log4j12-javadoc-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:m2crypto-0:0.35.2-5.el8ev.src", "8Base-RHV-S-4.4:m2crypto-debugsource-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.noarch", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.src", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.noarch", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.src", "8Base-RHV-S-4.4:openstack-java-ceilometer-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-ceilometer-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-javadoc-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-resteasy-connector-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-sdk-0:3.2.9-1.el8ev.src", "8Base-RHV-S-4.4:openstack-java-swift-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-swift-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-javadoc-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.src", "8Base-RHV-S-4.4:python-aniso8601-0:0.82-4.el8ost.src", "8Base-RHV-S-4.4:python-flask-1:1.0.2-2.el8ost.src", "8Base-RHV-S-4.4:python-flask-doc-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python-flask-restful-0:0.3.6-8.el8ost.src", "8Base-RHV-S-4.4:python-netaddr-0:0.7.19-8.1.el8ost.src", "8Base-RHV-S-4.4:python-notario-0:0.0.16-2.el8cp.src", "8Base-RHV-S-4.4:python-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.src", "8Base-RHV-S-4.4:python-pbr-0:5.1.2-2.el8ost.src", "8Base-RHV-S-4.4:python-six-0:1.12.0-1.el8ost.src", "8Base-RHV-S-4.4:python-websocket-client-0:0.54.0-1.el8ost.src", "8Base-RHV-S-4.4:python-werkzeug-0:0.16.0-1.el8ost.src", "8Base-RHV-S-4.4:python2-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python2-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python2-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-aniso8601-0:0.82-4.el8ost.noarch", "8Base-RHV-S-4.4:python3-ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:python3-flask-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-flask-restful-0:0.3.6-8.el8ost.noarch", "8Base-RHV-S-4.4:python3-m2crypto-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-m2crypto-debuginfo-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python3-notario-0:0.0.16-2.el8cp.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.noarch", "8Base-RHV-S-4.4:python3-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-websocket-client-0:0.54.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-doc-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-javadoc-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-0:3.1.3-1.el8ev.src", "8Base-RHV-S-4.4:xmlrpc-client-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-common-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-javadoc-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-server-0:3.1.3-1.el8ev.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.src", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-javadoc-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-javadoc-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jxpath-javadoc-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-vfs-ant-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-examples-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-javadoc-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.src", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.noarch", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.src", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.src", "8Base-RHV-S-4.4:log4j12-javadoc-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:m2crypto-0:0.35.2-5.el8ev.src", "8Base-RHV-S-4.4:m2crypto-debugsource-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.noarch", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.src", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.noarch", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.src", "8Base-RHV-S-4.4:openstack-java-ceilometer-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-ceilometer-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-javadoc-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-resteasy-connector-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-sdk-0:3.2.9-1.el8ev.src", "8Base-RHV-S-4.4:openstack-java-swift-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-swift-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-javadoc-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.src", "8Base-RHV-S-4.4:python-aniso8601-0:0.82-4.el8ost.src", "8Base-RHV-S-4.4:python-flask-1:1.0.2-2.el8ost.src", "8Base-RHV-S-4.4:python-flask-doc-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python-flask-restful-0:0.3.6-8.el8ost.src", "8Base-RHV-S-4.4:python-netaddr-0:0.7.19-8.1.el8ost.src", "8Base-RHV-S-4.4:python-notario-0:0.0.16-2.el8cp.src", "8Base-RHV-S-4.4:python-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.src", "8Base-RHV-S-4.4:python-pbr-0:5.1.2-2.el8ost.src", "8Base-RHV-S-4.4:python-six-0:1.12.0-1.el8ost.src", "8Base-RHV-S-4.4:python-websocket-client-0:0.54.0-1.el8ost.src", "8Base-RHV-S-4.4:python-werkzeug-0:0.16.0-1.el8ost.src", "8Base-RHV-S-4.4:python2-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python2-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python2-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-aniso8601-0:0.82-4.el8ost.noarch", "8Base-RHV-S-4.4:python3-ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:python3-flask-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-flask-restful-0:0.3.6-8.el8ost.noarch", "8Base-RHV-S-4.4:python3-m2crypto-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-m2crypto-debuginfo-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python3-notario-0:0.0.16-2.el8cp.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.noarch", "8Base-RHV-S-4.4:python3-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-websocket-client-0:0.54.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-doc-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-javadoc-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-0:3.1.3-1.el8ev.src", "8Base-RHV-S-4.4:xmlrpc-client-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-common-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-javadoc-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-server-0:3.1.3-1.el8ev.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default" }, { "cve": "CVE-2019-13990", "cwe": { "id": "CWE-611", "name": "Improper Restriction of XML External Entity Reference" }, "discovery_date": "2019-07-27T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.src", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-javadoc-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-javadoc-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jxpath-javadoc-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-vfs-ant-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-examples-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-javadoc-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.src", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.noarch", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.src", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.src", "8Base-RHV-S-4.4:log4j12-javadoc-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:m2crypto-0:0.35.2-5.el8ev.src", "8Base-RHV-S-4.4:m2crypto-debugsource-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.noarch", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.src", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.noarch", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.src", "8Base-RHV-S-4.4:openstack-java-ceilometer-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-ceilometer-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-javadoc-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-resteasy-connector-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-sdk-0:3.2.9-1.el8ev.src", "8Base-RHV-S-4.4:openstack-java-swift-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-swift-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-javadoc-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.src", "8Base-RHV-S-4.4:python-aniso8601-0:0.82-4.el8ost.src", "8Base-RHV-S-4.4:python-flask-1:1.0.2-2.el8ost.src", "8Base-RHV-S-4.4:python-flask-doc-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python-flask-restful-0:0.3.6-8.el8ost.src", "8Base-RHV-S-4.4:python-netaddr-0:0.7.19-8.1.el8ost.src", "8Base-RHV-S-4.4:python-notario-0:0.0.16-2.el8cp.src", "8Base-RHV-S-4.4:python-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.src", "8Base-RHV-S-4.4:python-pbr-0:5.1.2-2.el8ost.src", "8Base-RHV-S-4.4:python-six-0:1.12.0-1.el8ost.src", "8Base-RHV-S-4.4:python-websocket-client-0:0.54.0-1.el8ost.src", "8Base-RHV-S-4.4:python-werkzeug-0:0.16.0-1.el8ost.src", "8Base-RHV-S-4.4:python2-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python2-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python2-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-aniso8601-0:0.82-4.el8ost.noarch", "8Base-RHV-S-4.4:python3-ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:python3-flask-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-flask-restful-0:0.3.6-8.el8ost.noarch", "8Base-RHV-S-4.4:python3-m2crypto-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-m2crypto-debuginfo-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python3-notario-0:0.0.16-2.el8cp.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.noarch", "8Base-RHV-S-4.4:python3-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-websocket-client-0:0.54.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-doc-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-javadoc-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-0:3.1.3-1.el8ev.src", "8Base-RHV-S-4.4:xmlrpc-client-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-common-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-javadoc-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-server-0:3.1.3-1.el8ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1801149" } ], "notes": [ { "category": "description", "text": "The Terracotta Quartz Scheduler is susceptible to an XML external entity attack (XXE) through a job description. This issue stems from inadequate handling of XML external entity (XXE) declarations in the initDocumentParser function within xml/XMLSchedulingDataProcessor.java. By enticing a victim to access a maliciously crafted job description (containing XML content), a remote attacker could exploit this vulnerability to execute an XXE attack on the targeted system.", "title": "Vulnerability description" }, { "category": "summary", "text": "libquartz: XXE attacks via job description", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6 uses a vulnerable version of libquartz as a dependency for Candlepin. However, the \u003cjob\u003e\u003cdescrition\u003e entry is not used, and the vulnerability can not be triggered. An update may fix the code in the future.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.src" ], "known_not_affected": [ "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.src", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-javadoc-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-javadoc-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jxpath-javadoc-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-vfs-ant-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-examples-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-javadoc-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.src", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.noarch", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.src", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.src", "8Base-RHV-S-4.4:log4j12-javadoc-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:m2crypto-0:0.35.2-5.el8ev.src", "8Base-RHV-S-4.4:m2crypto-debugsource-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.noarch", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.src", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.noarch", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.src", "8Base-RHV-S-4.4:openstack-java-ceilometer-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-ceilometer-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-javadoc-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-resteasy-connector-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-sdk-0:3.2.9-1.el8ev.src", "8Base-RHV-S-4.4:openstack-java-swift-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-swift-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-javadoc-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.src", "8Base-RHV-S-4.4:python-aniso8601-0:0.82-4.el8ost.src", "8Base-RHV-S-4.4:python-flask-1:1.0.2-2.el8ost.src", "8Base-RHV-S-4.4:python-flask-doc-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python-flask-restful-0:0.3.6-8.el8ost.src", "8Base-RHV-S-4.4:python-netaddr-0:0.7.19-8.1.el8ost.src", "8Base-RHV-S-4.4:python-notario-0:0.0.16-2.el8cp.src", "8Base-RHV-S-4.4:python-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.src", "8Base-RHV-S-4.4:python-pbr-0:5.1.2-2.el8ost.src", "8Base-RHV-S-4.4:python-six-0:1.12.0-1.el8ost.src", "8Base-RHV-S-4.4:python-websocket-client-0:0.54.0-1.el8ost.src", "8Base-RHV-S-4.4:python-werkzeug-0:0.16.0-1.el8ost.src", "8Base-RHV-S-4.4:python2-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python2-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python2-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-aniso8601-0:0.82-4.el8ost.noarch", "8Base-RHV-S-4.4:python3-ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:python3-flask-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-flask-restful-0:0.3.6-8.el8ost.noarch", "8Base-RHV-S-4.4:python3-m2crypto-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-m2crypto-debuginfo-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python3-notario-0:0.0.16-2.el8cp.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.noarch", "8Base-RHV-S-4.4:python3-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-websocket-client-0:0.54.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-doc-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-javadoc-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-0:3.1.3-1.el8ev.src", "8Base-RHV-S-4.4:xmlrpc-client-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-common-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-javadoc-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-server-0:3.1.3-1.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13990" }, { "category": "external", "summary": "RHBZ#1801149", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801149" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13990", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13990" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13990", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13990" } ], "release_date": "2019-07-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-08-04T14:02:29+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3247" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "libquartz: XXE attacks via job description" }, { "acknowledgments": [ { "names": [ "@_w4rr4nt_" ] } ], "cve": "CVE-2019-19336", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-12-09T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.src", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-javadoc-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-javadoc-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jxpath-javadoc-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-vfs-ant-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-examples-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-javadoc-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.src", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.noarch", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.src", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.src", "8Base-RHV-S-4.4:log4j12-javadoc-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:m2crypto-0:0.35.2-5.el8ev.src", "8Base-RHV-S-4.4:m2crypto-debugsource-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.noarch", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.src", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.noarch", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.src", "8Base-RHV-S-4.4:openstack-java-ceilometer-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-ceilometer-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-javadoc-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-resteasy-connector-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-sdk-0:3.2.9-1.el8ev.src", "8Base-RHV-S-4.4:openstack-java-swift-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-swift-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-javadoc-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.src", "8Base-RHV-S-4.4:python-aniso8601-0:0.82-4.el8ost.src", "8Base-RHV-S-4.4:python-flask-1:1.0.2-2.el8ost.src", "8Base-RHV-S-4.4:python-flask-doc-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python-flask-restful-0:0.3.6-8.el8ost.src", "8Base-RHV-S-4.4:python-netaddr-0:0.7.19-8.1.el8ost.src", "8Base-RHV-S-4.4:python-notario-0:0.0.16-2.el8cp.src", "8Base-RHV-S-4.4:python-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.src", "8Base-RHV-S-4.4:python-pbr-0:5.1.2-2.el8ost.src", "8Base-RHV-S-4.4:python-six-0:1.12.0-1.el8ost.src", "8Base-RHV-S-4.4:python-websocket-client-0:0.54.0-1.el8ost.src", "8Base-RHV-S-4.4:python-werkzeug-0:0.16.0-1.el8ost.src", "8Base-RHV-S-4.4:python2-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python2-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python2-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-aniso8601-0:0.82-4.el8ost.noarch", "8Base-RHV-S-4.4:python3-ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:python3-flask-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-flask-restful-0:0.3.6-8.el8ost.noarch", "8Base-RHV-S-4.4:python3-m2crypto-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-m2crypto-debuginfo-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python3-notario-0:0.0.16-2.el8cp.noarch", "8Base-RHV-S-4.4:python3-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.noarch", "8Base-RHV-S-4.4:python3-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-websocket-client-0:0.54.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-doc-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-javadoc-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-0:3.1.3-1.el8ev.src", "8Base-RHV-S-4.4:xmlrpc-client-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-common-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-javadoc-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-server-0:3.1.3-1.el8ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781001" } ], "notes": [ { "category": "description", "text": "A cross-site scripting vulnerability was reported in the oVirt-engine\u0027s OAuth authorization endpoint. URL parameters were included in the HTML response without escaping. This flaw would allow an attacker to craft malicious HTML pages that can run scripts in the context of the user\u0027s oVirt session.", "title": "Vulnerability description" }, { "category": "summary", "text": "ovirt-engine: response_type parameter allows reflected XSS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.4.1.8-0.7.el8ev.noarch" ], "known_not_affected": [ "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.src", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-javadoc-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-javadoc-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jxpath-javadoc-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-vfs-ant-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-examples-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-javadoc-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.src", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.noarch", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.src", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.src", "8Base-RHV-S-4.4:log4j12-javadoc-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:m2crypto-0:0.35.2-5.el8ev.src", "8Base-RHV-S-4.4:m2crypto-debugsource-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.noarch", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.src", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.noarch", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.src", "8Base-RHV-S-4.4:openstack-java-ceilometer-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-ceilometer-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-javadoc-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-resteasy-connector-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-sdk-0:3.2.9-1.el8ev.src", "8Base-RHV-S-4.4:openstack-java-swift-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-swift-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-javadoc-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.src", "8Base-RHV-S-4.4:python-aniso8601-0:0.82-4.el8ost.src", "8Base-RHV-S-4.4:python-flask-1:1.0.2-2.el8ost.src", "8Base-RHV-S-4.4:python-flask-doc-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python-flask-restful-0:0.3.6-8.el8ost.src", "8Base-RHV-S-4.4:python-netaddr-0:0.7.19-8.1.el8ost.src", "8Base-RHV-S-4.4:python-notario-0:0.0.16-2.el8cp.src", "8Base-RHV-S-4.4:python-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.src", "8Base-RHV-S-4.4:python-pbr-0:5.1.2-2.el8ost.src", "8Base-RHV-S-4.4:python-six-0:1.12.0-1.el8ost.src", "8Base-RHV-S-4.4:python-websocket-client-0:0.54.0-1.el8ost.src", "8Base-RHV-S-4.4:python-werkzeug-0:0.16.0-1.el8ost.src", "8Base-RHV-S-4.4:python2-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python2-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python2-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-aniso8601-0:0.82-4.el8ost.noarch", "8Base-RHV-S-4.4:python3-ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:python3-flask-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-flask-restful-0:0.3.6-8.el8ost.noarch", "8Base-RHV-S-4.4:python3-m2crypto-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-m2crypto-debuginfo-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python3-notario-0:0.0.16-2.el8cp.noarch", "8Base-RHV-S-4.4:python3-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.noarch", "8Base-RHV-S-4.4:python3-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-websocket-client-0:0.54.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-doc-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-javadoc-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-0:3.1.3-1.el8ev.src", "8Base-RHV-S-4.4:xmlrpc-client-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-common-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-javadoc-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-server-0:3.1.3-1.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19336" }, { "category": "external", "summary": "RHBZ#1781001", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781001" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19336", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19336" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19336", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19336" } ], "release_date": "2020-01-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-08-04T14:02:29+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.4.1.8-0.7.el8ev.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3247" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.4.1.8-0.7.el8ev.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "ovirt-engine: response_type parameter allows reflected XSS" }, { "cve": "CVE-2020-7598", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2020-03-11T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.src", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-javadoc-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-javadoc-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jxpath-javadoc-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-vfs-ant-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-examples-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-javadoc-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.src", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.noarch", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.src", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.src", "8Base-RHV-S-4.4:log4j12-javadoc-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:m2crypto-0:0.35.2-5.el8ev.src", "8Base-RHV-S-4.4:m2crypto-debugsource-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.noarch", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.src", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.noarch", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.src", "8Base-RHV-S-4.4:openstack-java-ceilometer-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-ceilometer-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-javadoc-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-resteasy-connector-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-sdk-0:3.2.9-1.el8ev.src", "8Base-RHV-S-4.4:openstack-java-swift-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-swift-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-javadoc-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.src", "8Base-RHV-S-4.4:python-aniso8601-0:0.82-4.el8ost.src", "8Base-RHV-S-4.4:python-flask-1:1.0.2-2.el8ost.src", "8Base-RHV-S-4.4:python-flask-doc-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python-flask-restful-0:0.3.6-8.el8ost.src", "8Base-RHV-S-4.4:python-netaddr-0:0.7.19-8.1.el8ost.src", "8Base-RHV-S-4.4:python-notario-0:0.0.16-2.el8cp.src", "8Base-RHV-S-4.4:python-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.src", "8Base-RHV-S-4.4:python-pbr-0:5.1.2-2.el8ost.src", "8Base-RHV-S-4.4:python-six-0:1.12.0-1.el8ost.src", "8Base-RHV-S-4.4:python-websocket-client-0:0.54.0-1.el8ost.src", "8Base-RHV-S-4.4:python-werkzeug-0:0.16.0-1.el8ost.src", "8Base-RHV-S-4.4:python2-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python2-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python2-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-aniso8601-0:0.82-4.el8ost.noarch", "8Base-RHV-S-4.4:python3-ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:python3-flask-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-flask-restful-0:0.3.6-8.el8ost.noarch", "8Base-RHV-S-4.4:python3-m2crypto-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-m2crypto-debuginfo-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python3-notario-0:0.0.16-2.el8cp.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.noarch", "8Base-RHV-S-4.4:python3-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-websocket-client-0:0.54.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-doc-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-javadoc-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-0:3.1.3-1.el8ev.src", "8Base-RHV-S-4.4:xmlrpc-client-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-common-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-javadoc-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-server-0:3.1.3-1.el8ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1813344" } ], "notes": [ { "category": "description", "text": "A flaw was found in nodejs-minimist, where it was tricked into adding or modifying properties of the Object.prototype using a \"constructor\" or \"__proto__\" payload. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Quay only includes minimist as a dependency of the test suites, and it not include it in the product. We may fix this issue in a future Red Hat Quay release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src" ], "known_not_affected": [ "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.src", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-javadoc-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-javadoc-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jxpath-javadoc-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-vfs-ant-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-examples-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-javadoc-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.src", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.noarch", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.src", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.src", "8Base-RHV-S-4.4:log4j12-javadoc-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:m2crypto-0:0.35.2-5.el8ev.src", "8Base-RHV-S-4.4:m2crypto-debugsource-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.noarch", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.src", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.noarch", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.src", "8Base-RHV-S-4.4:openstack-java-ceilometer-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-ceilometer-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-javadoc-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-resteasy-connector-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-sdk-0:3.2.9-1.el8ev.src", "8Base-RHV-S-4.4:openstack-java-swift-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-swift-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-javadoc-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.src", "8Base-RHV-S-4.4:python-aniso8601-0:0.82-4.el8ost.src", "8Base-RHV-S-4.4:python-flask-1:1.0.2-2.el8ost.src", "8Base-RHV-S-4.4:python-flask-doc-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python-flask-restful-0:0.3.6-8.el8ost.src", "8Base-RHV-S-4.4:python-netaddr-0:0.7.19-8.1.el8ost.src", "8Base-RHV-S-4.4:python-notario-0:0.0.16-2.el8cp.src", "8Base-RHV-S-4.4:python-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.src", "8Base-RHV-S-4.4:python-pbr-0:5.1.2-2.el8ost.src", "8Base-RHV-S-4.4:python-six-0:1.12.0-1.el8ost.src", "8Base-RHV-S-4.4:python-websocket-client-0:0.54.0-1.el8ost.src", "8Base-RHV-S-4.4:python-werkzeug-0:0.16.0-1.el8ost.src", "8Base-RHV-S-4.4:python2-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python2-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python2-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-aniso8601-0:0.82-4.el8ost.noarch", "8Base-RHV-S-4.4:python3-ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:python3-flask-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-flask-restful-0:0.3.6-8.el8ost.noarch", "8Base-RHV-S-4.4:python3-m2crypto-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-m2crypto-debuginfo-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python3-notario-0:0.0.16-2.el8cp.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.noarch", "8Base-RHV-S-4.4:python3-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-websocket-client-0:0.54.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-doc-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-javadoc-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-0:3.1.3-1.el8ev.src", "8Base-RHV-S-4.4:xmlrpc-client-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-common-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-javadoc-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-server-0:3.1.3-1.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-7598" }, { "category": "external", "summary": "RHBZ#1813344", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813344" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-7598", "url": "https://www.cve.org/CVERecord?id=CVE-2020-7598" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7598", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7598" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-MINIMIST-559764", "url": "https://snyk.io/vuln/SNYK-JS-MINIMIST-559764" } ], "release_date": "2020-03-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-08-04T14:02:29+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3247" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload" }, { "acknowledgments": [ { "names": [ "Chen Huiliang", "Chen RuiQi" ], "organization": "QIANXIN CodeSafe Team" } ], "cve": "CVE-2020-10775", "cwe": { "id": "CWE-601", "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)" }, "discovery_date": "2020-06-09T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.src", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-javadoc-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-javadoc-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jxpath-javadoc-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-vfs-ant-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-examples-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-javadoc-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.src", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.noarch", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.src", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.src", "8Base-RHV-S-4.4:log4j12-javadoc-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:m2crypto-0:0.35.2-5.el8ev.src", "8Base-RHV-S-4.4:m2crypto-debugsource-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.noarch", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.src", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.noarch", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.src", "8Base-RHV-S-4.4:openstack-java-ceilometer-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-ceilometer-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-javadoc-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-resteasy-connector-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-sdk-0:3.2.9-1.el8ev.src", "8Base-RHV-S-4.4:openstack-java-swift-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-swift-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-javadoc-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.src", "8Base-RHV-S-4.4:python-aniso8601-0:0.82-4.el8ost.src", "8Base-RHV-S-4.4:python-flask-1:1.0.2-2.el8ost.src", "8Base-RHV-S-4.4:python-flask-doc-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python-flask-restful-0:0.3.6-8.el8ost.src", "8Base-RHV-S-4.4:python-netaddr-0:0.7.19-8.1.el8ost.src", "8Base-RHV-S-4.4:python-notario-0:0.0.16-2.el8cp.src", "8Base-RHV-S-4.4:python-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.src", "8Base-RHV-S-4.4:python-pbr-0:5.1.2-2.el8ost.src", "8Base-RHV-S-4.4:python-six-0:1.12.0-1.el8ost.src", "8Base-RHV-S-4.4:python-websocket-client-0:0.54.0-1.el8ost.src", "8Base-RHV-S-4.4:python-werkzeug-0:0.16.0-1.el8ost.src", "8Base-RHV-S-4.4:python2-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python2-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python2-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-aniso8601-0:0.82-4.el8ost.noarch", "8Base-RHV-S-4.4:python3-ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:python3-flask-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-flask-restful-0:0.3.6-8.el8ost.noarch", "8Base-RHV-S-4.4:python3-m2crypto-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-m2crypto-debuginfo-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python3-notario-0:0.0.16-2.el8cp.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.noarch", "8Base-RHV-S-4.4:python3-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-websocket-client-0:0.54.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-doc-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-javadoc-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-0:3.1.3-1.el8ev.src", "8Base-RHV-S-4.4:xmlrpc-client-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-common-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-javadoc-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-server-0:3.1.3-1.el8ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1847420" } ], "notes": [ { "category": "description", "text": "An Open redirect vulnerability was found in ovirt-engine versions 4.4.1 and earlier, where it allows remote attackers to redirect users to arbitrary web sites and attempt phishing attacks. Once the target has opened the malicious URL in their browser, the critical part of the URL is no longer visible. The highest threat from this vulnerability is on confidentiality.", "title": "Vulnerability description" }, { "category": "summary", "text": "ovirt-engine: Redirect to arbitrary URL allows for phishing", "title": "Vulnerability summary" }, { "category": "other", "text": "In Red Hat Gluster Storage 3, ovirt-engine(included in rhsc) was shipped as a part of Red Hat Gluster Storage Console that is no longer supported for use with Red Hat Gluster Storage 3.5. Red Hat Gluster Storage Web Administration is now the recommended monitoring tool for Red Hat Storage Gluster clusters. However, the vulnerable code is not included in the shipped version of ovirt-engine hence not affected by this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch" ], "known_not_affected": [ "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.src", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-javadoc-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-javadoc-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jxpath-javadoc-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-vfs-ant-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-examples-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-javadoc-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.src", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.noarch", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.src", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.src", "8Base-RHV-S-4.4:log4j12-javadoc-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:m2crypto-0:0.35.2-5.el8ev.src", "8Base-RHV-S-4.4:m2crypto-debugsource-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.noarch", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.src", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.noarch", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.src", "8Base-RHV-S-4.4:openstack-java-ceilometer-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-ceilometer-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-javadoc-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-resteasy-connector-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-sdk-0:3.2.9-1.el8ev.src", "8Base-RHV-S-4.4:openstack-java-swift-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-swift-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-javadoc-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.src", "8Base-RHV-S-4.4:python-aniso8601-0:0.82-4.el8ost.src", "8Base-RHV-S-4.4:python-flask-1:1.0.2-2.el8ost.src", "8Base-RHV-S-4.4:python-flask-doc-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python-flask-restful-0:0.3.6-8.el8ost.src", "8Base-RHV-S-4.4:python-netaddr-0:0.7.19-8.1.el8ost.src", "8Base-RHV-S-4.4:python-notario-0:0.0.16-2.el8cp.src", "8Base-RHV-S-4.4:python-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.src", "8Base-RHV-S-4.4:python-pbr-0:5.1.2-2.el8ost.src", "8Base-RHV-S-4.4:python-six-0:1.12.0-1.el8ost.src", "8Base-RHV-S-4.4:python-websocket-client-0:0.54.0-1.el8ost.src", "8Base-RHV-S-4.4:python-werkzeug-0:0.16.0-1.el8ost.src", "8Base-RHV-S-4.4:python2-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python2-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python2-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-aniso8601-0:0.82-4.el8ost.noarch", "8Base-RHV-S-4.4:python3-ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:python3-flask-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-flask-restful-0:0.3.6-8.el8ost.noarch", "8Base-RHV-S-4.4:python3-m2crypto-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-m2crypto-debuginfo-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python3-notario-0:0.0.16-2.el8cp.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.noarch", "8Base-RHV-S-4.4:python3-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-websocket-client-0:0.54.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-doc-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-javadoc-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-0:3.1.3-1.el8ev.src", "8Base-RHV-S-4.4:xmlrpc-client-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-common-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-javadoc-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-server-0:3.1.3-1.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-10775" }, { "category": "external", "summary": "RHBZ#1847420", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1847420" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-10775", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10775" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10775", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10775" } ], "release_date": "2020-08-04T09:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-08-04T14:02:29+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3247" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "ovirt-engine: Redirect to arbitrary URL allows for phishing" }, { "cve": "CVE-2020-11022", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-04-23T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.src", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-javadoc-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-javadoc-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jxpath-javadoc-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-vfs-ant-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-examples-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-javadoc-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.src", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.noarch", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.src", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.src", "8Base-RHV-S-4.4:log4j12-javadoc-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:m2crypto-0:0.35.2-5.el8ev.src", "8Base-RHV-S-4.4:m2crypto-debugsource-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.noarch", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.src", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.noarch", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.src", "8Base-RHV-S-4.4:openstack-java-ceilometer-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-ceilometer-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-javadoc-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-resteasy-connector-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-sdk-0:3.2.9-1.el8ev.src", "8Base-RHV-S-4.4:openstack-java-swift-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-swift-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-javadoc-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.src", "8Base-RHV-S-4.4:python-aniso8601-0:0.82-4.el8ost.src", "8Base-RHV-S-4.4:python-flask-1:1.0.2-2.el8ost.src", "8Base-RHV-S-4.4:python-flask-doc-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python-flask-restful-0:0.3.6-8.el8ost.src", "8Base-RHV-S-4.4:python-netaddr-0:0.7.19-8.1.el8ost.src", "8Base-RHV-S-4.4:python-notario-0:0.0.16-2.el8cp.src", "8Base-RHV-S-4.4:python-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.src", "8Base-RHV-S-4.4:python-pbr-0:5.1.2-2.el8ost.src", "8Base-RHV-S-4.4:python-six-0:1.12.0-1.el8ost.src", "8Base-RHV-S-4.4:python-websocket-client-0:0.54.0-1.el8ost.src", "8Base-RHV-S-4.4:python-werkzeug-0:0.16.0-1.el8ost.src", "8Base-RHV-S-4.4:python2-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python2-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python2-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-aniso8601-0:0.82-4.el8ost.noarch", "8Base-RHV-S-4.4:python3-ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:python3-flask-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-flask-restful-0:0.3.6-8.el8ost.noarch", "8Base-RHV-S-4.4:python3-m2crypto-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-m2crypto-debuginfo-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python3-notario-0:0.0.16-2.el8cp.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.noarch", "8Base-RHV-S-4.4:python3-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-websocket-client-0:0.54.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-doc-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-javadoc-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-0:3.1.3-1.el8ev.src", "8Base-RHV-S-4.4:xmlrpc-client-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-common-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-javadoc-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-server-0:3.1.3-1.el8ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1828406" } ], "notes": [ { "category": "description", "text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method", "title": "Vulnerability summary" }, { "category": "other", "text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src" ], "known_not_affected": [ "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.src", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-javadoc-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-javadoc-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jxpath-javadoc-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-vfs-ant-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-examples-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-javadoc-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.src", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.noarch", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.src", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.src", "8Base-RHV-S-4.4:log4j12-javadoc-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:m2crypto-0:0.35.2-5.el8ev.src", "8Base-RHV-S-4.4:m2crypto-debugsource-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.noarch", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.src", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.noarch", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.src", "8Base-RHV-S-4.4:openstack-java-ceilometer-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-ceilometer-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-javadoc-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-resteasy-connector-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-sdk-0:3.2.9-1.el8ev.src", "8Base-RHV-S-4.4:openstack-java-swift-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-swift-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-javadoc-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.src", "8Base-RHV-S-4.4:python-aniso8601-0:0.82-4.el8ost.src", "8Base-RHV-S-4.4:python-flask-1:1.0.2-2.el8ost.src", "8Base-RHV-S-4.4:python-flask-doc-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python-flask-restful-0:0.3.6-8.el8ost.src", "8Base-RHV-S-4.4:python-netaddr-0:0.7.19-8.1.el8ost.src", "8Base-RHV-S-4.4:python-notario-0:0.0.16-2.el8cp.src", "8Base-RHV-S-4.4:python-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.src", "8Base-RHV-S-4.4:python-pbr-0:5.1.2-2.el8ost.src", "8Base-RHV-S-4.4:python-six-0:1.12.0-1.el8ost.src", "8Base-RHV-S-4.4:python-websocket-client-0:0.54.0-1.el8ost.src", "8Base-RHV-S-4.4:python-werkzeug-0:0.16.0-1.el8ost.src", "8Base-RHV-S-4.4:python2-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python2-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python2-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-aniso8601-0:0.82-4.el8ost.noarch", "8Base-RHV-S-4.4:python3-ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:python3-flask-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-flask-restful-0:0.3.6-8.el8ost.noarch", "8Base-RHV-S-4.4:python3-m2crypto-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-m2crypto-debuginfo-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python3-notario-0:0.0.16-2.el8cp.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.noarch", "8Base-RHV-S-4.4:python3-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-websocket-client-0:0.54.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-doc-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-javadoc-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-0:3.1.3-1.el8ev.src", "8Base-RHV-S-4.4:xmlrpc-client-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-common-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-javadoc-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-server-0:3.1.3-1.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11022" }, { "category": "external", "summary": "RHBZ#1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11022" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2", "url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2" } ], "release_date": "2020-04-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-08-04T14:02:29+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3247" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method" }, { "cve": "CVE-2020-11023", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-23T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.src", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-javadoc-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-javadoc-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jxpath-javadoc-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-vfs-ant-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-examples-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-javadoc-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.src", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.noarch", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.src", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.src", "8Base-RHV-S-4.4:log4j12-javadoc-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:m2crypto-0:0.35.2-5.el8ev.src", "8Base-RHV-S-4.4:m2crypto-debugsource-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.noarch", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.src", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.noarch", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.src", "8Base-RHV-S-4.4:openstack-java-ceilometer-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-ceilometer-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-javadoc-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-resteasy-connector-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-sdk-0:3.2.9-1.el8ev.src", "8Base-RHV-S-4.4:openstack-java-swift-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-swift-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-javadoc-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.src", "8Base-RHV-S-4.4:python-aniso8601-0:0.82-4.el8ost.src", "8Base-RHV-S-4.4:python-flask-1:1.0.2-2.el8ost.src", "8Base-RHV-S-4.4:python-flask-doc-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python-flask-restful-0:0.3.6-8.el8ost.src", "8Base-RHV-S-4.4:python-netaddr-0:0.7.19-8.1.el8ost.src", "8Base-RHV-S-4.4:python-notario-0:0.0.16-2.el8cp.src", "8Base-RHV-S-4.4:python-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.src", "8Base-RHV-S-4.4:python-pbr-0:5.1.2-2.el8ost.src", "8Base-RHV-S-4.4:python-six-0:1.12.0-1.el8ost.src", "8Base-RHV-S-4.4:python-websocket-client-0:0.54.0-1.el8ost.src", "8Base-RHV-S-4.4:python-werkzeug-0:0.16.0-1.el8ost.src", "8Base-RHV-S-4.4:python2-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python2-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python2-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-aniso8601-0:0.82-4.el8ost.noarch", "8Base-RHV-S-4.4:python3-ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:python3-flask-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-flask-restful-0:0.3.6-8.el8ost.noarch", "8Base-RHV-S-4.4:python3-m2crypto-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-m2crypto-debuginfo-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python3-notario-0:0.0.16-2.el8cp.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.noarch", "8Base-RHV-S-4.4:python3-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-websocket-client-0:0.54.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-doc-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-javadoc-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-0:3.1.3-1.el8ev.src", "8Base-RHV-S-4.4:xmlrpc-client-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-common-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-javadoc-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-server-0:3.1.3-1.el8ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1850004" } ], "notes": [ { "category": "description", "text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src" ], "known_not_affected": [ "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:ansible-runner-0:1.4.5-1.el8ar.src", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-service-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-collections4-0:4.4-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-collections4-javadoc-0:4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-compress-0:1.18-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.18-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-configuration-0:1.10-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jexl-0:2.1.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jexl-javadoc-0:2.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-jxpath-0:1.3-29.el8ev.src", "8Base-RHV-S-4.4:apache-commons-jxpath-javadoc-0:1.3-29.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-commons-vfs-ant-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-examples-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-commons-vfs-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-0:2.5.1-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-0:2.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.noarch", "8Base-RHV-S-4.4:ebay-cors-filter-0:1.0.1-4.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ed25519-java-0:0.3.0-1.el8ev.src", "8Base-RHV-S-4.4:ed25519-java-javadoc-0:0.3.0-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.1-1.el8ev.src", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.noarch", "8Base-RHV-S-4.4:java-client-kubevirt-0:0.5.0-1.el8ev.src", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:log4j12-0:1.2.17-22.el8ev.src", "8Base-RHV-S-4.4:log4j12-javadoc-0:1.2.17-22.el8ev.noarch", "8Base-RHV-S-4.4:m2crypto-0:0.35.2-5.el8ev.src", "8Base-RHV-S-4.4:m2crypto-debugsource-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.noarch", "8Base-RHV-S-4.4:makeself-0:2.4.0-4.el8ev.src", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.noarch", "8Base-RHV-S-4.4:novnc-0:1.1.0-1.el8ost.src", "8Base-RHV-S-4.4:openstack-java-ceilometer-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-ceilometer-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-cinder-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-glance-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-heat-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-javadoc-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-keystone-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-nova-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-quantum-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-resteasy-connector-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-sdk-0:3.2.9-1.el8ev.src", "8Base-RHV-S-4.4:openstack-java-swift-client-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:openstack-java-swift-model-0:3.2.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-cockpit-sso-0:0.1.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.4.1.8-0.7.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-api-explorer-0:0.0.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.1.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.1.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-jdbc-0:1.2.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-misc-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-logger-log4j-0:1.1.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-0:1.0.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extensions-api-javadoc-0:1.0.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.4.1.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-fast-forward-upgrade-0:1.1.6-0.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-scheduler-proxy-0:0.1.9-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.3-1.el8ev.src", "8Base-RHV-S-4.4:python-aniso8601-0:0.82-4.el8ost.src", "8Base-RHV-S-4.4:python-flask-1:1.0.2-2.el8ost.src", "8Base-RHV-S-4.4:python-flask-doc-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python-flask-restful-0:0.3.6-8.el8ost.src", "8Base-RHV-S-4.4:python-netaddr-0:0.7.19-8.1.el8ost.src", "8Base-RHV-S-4.4:python-notario-0:0.0.16-2.el8cp.src", "8Base-RHV-S-4.4:python-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.src", "8Base-RHV-S-4.4:python-pbr-0:5.1.2-2.el8ost.src", "8Base-RHV-S-4.4:python-six-0:1.12.0-1.el8ost.src", "8Base-RHV-S-4.4:python-websocket-client-0:0.54.0-1.el8ost.src", "8Base-RHV-S-4.4:python-werkzeug-0:0.16.0-1.el8ost.src", "8Base-RHV-S-4.4:python2-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python2-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python2-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-aniso8601-0:0.82-4.el8ost.noarch", "8Base-RHV-S-4.4:python3-ansible-runner-0:1.4.5-1.el8ar.noarch", "8Base-RHV-S-4.4:python3-flask-1:1.0.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-flask-restful-0:0.3.6-8.el8ost.noarch", "8Base-RHV-S-4.4:python3-m2crypto-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-m2crypto-debuginfo-0:0.35.2-5.el8ev.x86_64", "8Base-RHV-S-4.4:python3-netaddr-0:0.7.19-8.1.el8ost.noarch", "8Base-RHV-S-4.4:python3-notario-0:0.0.16-2.el8cp.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovsdbapp-0:0.17.1-0.20191216120142.206cf14.el8ost.noarch", "8Base-RHV-S-4.4:python3-pbr-0:5.1.2-2.el8ost.noarch", "8Base-RHV-S-4.4:python3-six-0:1.12.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-websocket-client-0:0.54.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:python3-werkzeug-doc-0:0.16.0-1.el8ost.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.4.1.8-0.7.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.4-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-dependencies-0:4.4.0-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.4.2-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:snmp4j-0:2.4.1-1.el8ev.src", "8Base-RHV-S-4.4:snmp4j-javadoc-0:2.4.1-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:4.0.14-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:4.0.14-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ws-commons-util-0:1.0.2-1.el8ev.src", "8Base-RHV-S-4.4:ws-commons-util-javadoc-0:1.0.2-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-0:3.1.3-1.el8ev.src", "8Base-RHV-S-4.4:xmlrpc-client-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-common-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-javadoc-0:3.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:xmlrpc-server-0:3.1.3-1.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11023" }, { "category": "external", "summary": "RHBZ#1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023" }, { "category": "external", "summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/" } ], "release_date": "2020-04-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-08-04T14:02:29+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3247" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.2.2-1.el8ev.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods" } ] }
rhsa-2020_4847
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for the pki-core:10.6 and pki-deps:10.6 modules is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.\n\nSecurity Fix(es):\n\n* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* jquery: Passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\n* pki: Dogtag\u0027s python client does not validate certificates (CVE-2020-15720)\n\n* pki-core: Reflected XSS in \u0027path length\u0027 constraint field in CA\u0027s Agent page (CVE-2019-10146)\n\n* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA\u0027s DRM agent page in authorize recovery tab (CVE-2019-10179)\n\n* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)\n\n* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:4847", "url": "https://access.redhat.com/errata/RHSA-2020:4847" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/", "url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/" }, { "category": "external", "summary": "1376706", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1376706" }, { "category": "external", "summary": "1399546", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546" }, { "category": "external", "summary": "1406505", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406505" }, { "category": "external", "summary": "1601614", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614" }, { "category": "external", "summary": "1601617", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617" }, { "category": "external", "summary": "1666907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666907" }, { "category": "external", "summary": "1668097", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097" }, { "category": "external", "summary": "1686454", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454" }, { "category": "external", "summary": "1695901", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695901" }, { "category": "external", "summary": "1701972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" }, { "category": "external", "summary": "1706521", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1706521" }, { "category": "external", "summary": "1710171", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710171" }, { "category": "external", "summary": "1721684", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1721684" }, { "category": "external", "summary": "1724433", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1724433" }, { "category": "external", "summary": "1732565", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732565" }, { "category": "external", "summary": "1732981", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732981" }, { "category": "external", "summary": "1777579", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1777579" }, { "category": "external", "summary": "1805541", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805541" }, { "category": "external", "summary": "1817247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817247" }, { "category": "external", "summary": "1821851", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821851" }, { "category": "external", "summary": "1822246", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1822246" }, { "category": "external", "summary": "1824939", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824939" }, { "category": "external", "summary": "1824948", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824948" }, { "category": "external", "summary": "1825998", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825998" }, { "category": "external", "summary": "1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "1842734", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1842734" }, { "category": "external", "summary": "1842736", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1842736" }, { "category": "external", "summary": "1843537", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843537" }, { "category": "external", "summary": "1845447", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1845447" }, { "category": "external", "summary": "1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "1854043", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854043" }, { "category": "external", "summary": "1854959", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854959" }, { "category": "external", "summary": "1855273", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1855273" }, { "category": "external", "summary": "1855319", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1855319" }, { "category": "external", "summary": "1856368", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856368" }, { "category": "external", "summary": "1857933", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857933" }, { "category": "external", "summary": "1861911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861911" }, { "category": "external", "summary": "1869893", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869893" }, { "category": "external", "summary": "1871064", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1871064" }, { "category": "external", "summary": "1873235", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1873235" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4847.json" } ], "title": "Red Hat Security Advisory: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-11-15T08:38:40+00:00", "generator": { "date": "2024-11-15T08:38:40+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:4847", "initial_release_date": "2020-11-04T01:39:43+00:00", "revision_history": [ { "date": "2020-11-04T01:39:43+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-11-04T01:39:43+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T08:38:40+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product": { "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "pki-deps:10.6:8030020200527165326:30b713e6", "product": { "name": "pki-deps:10.6:8030020200527165326:30b713e6", "product_id": "pki-deps:10.6:8030020200527165326:30b713e6", "product_identification_helper": { "purl": "pkg:rpmmod/redhat/pki-deps@10.6:8030020200527165326:30b713e6" } } }, { "category": "product_version", "name": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "product": { "name": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "product_id": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-commons-collections@3.2.2-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch" } } }, { "category": "product_version", "name": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "product": { "name": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "product_id": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-commons-lang@2.6-21.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch" } } }, { "category": "product_version", "name": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "product": { "name": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "product_id": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-commons-net@3.6-3.module%2Bel8.3.0%2B6805%2B72837426?arch=noarch" } } }, { "category": "product_version", "name": "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "product": { "name": "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "product_id": "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/bea-stax-api@1.2.0-16.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch" } } }, { "category": "product_version", "name": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "product": { "name": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "product_id": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-fastinfoset@1.2.13-9.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch" } } }, { "category": "product_version", "name": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "product": { "name": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "product_id": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jaxb-api@2.2.12-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch" } } }, { "category": "product_version", "name": "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "product": { "name": "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "product_id": "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jaxb-core@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch" } } }, { "category": "product_version", "name": "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "product": { "name": "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "product_id": "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jaxb-runtime@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch" } } }, { "category": "product_version", "name": "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "product": { "name": "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "product_id": "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jaxb-txw2@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch" } } }, { "category": "product_version", "name": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "product": { "name": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "product_id": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jackson-annotations@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=noarch" } } }, { "category": "product_version", "name": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "product": { "name": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "product_id": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jackson-core@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=noarch" } } }, { "category": "product_version", "name": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "product": { "name": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "product_id": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jackson-databind@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=noarch" } } }, { "category": "product_version", "name": "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "product": { "name": "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "product_id": "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jackson-jaxrs-json-provider@2.9.9-1.module%2Bel8.1.0%2B3832%2B9784644d?arch=noarch" } } }, { "category": "product_version", "name": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "product": { "name": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "product_id": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jackson-jaxrs-providers@2.9.9-1.module%2Bel8.1.0%2B3832%2B9784644d?arch=noarch" } } }, { "category": "product_version", "name": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "product": { "name": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "product_id": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jackson-module-jaxb-annotations@2.7.6-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch" } } }, { "category": "product_version", "name": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "product": { "name": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "product_id": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jakarta-commons-httpclient@3.1-28.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "product": { "name": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "product_id": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/javassist@3.18.1-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch" } } }, { "category": "product_version", "name": "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "product": { "name": "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "product_id": "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/javassist-javadoc@3.18.1-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch" } } }, { "category": "product_version", "name": "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "product": { "name": "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "product_id": "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-servlet-4.0-api@9.0.30-1.module%2Bel8.3.0%2B6730%2B8f9c6254?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "product": { "name": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "product_id": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-servlet-engine@9.0.30-1.module%2Bel8.3.0%2B6730%2B8f9c6254?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "product": { "name": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "product_id": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/relaxngDatatype@2011.1-7.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch" } } }, { "category": "product_version", "name": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "product": { "name": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "product_id": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/resteasy@3.0.26-3.module%2Bel8.2.0%2B5723%2B4574fbff?arch=noarch" } } }, { "category": "product_version", "name": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "product": { "name": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "product_id": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/slf4j@1.7.25-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch" } } }, { "category": "product_version", "name": "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "product": { "name": "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "product_id": "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/slf4j-jdk14@1.7.25-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch" } } }, { "category": "product_version", "name": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "product": { "name": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "product_id": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/stax-ex@1.7.7-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=noarch" } } }, { "category": "product_version", "name": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "product": { "name": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "product_id": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/velocity@1.7-24.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch" } } }, { "category": "product_version", "name": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "product": { "name": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "product_id": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/xalan-j2@2.7.1-38.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch" } } }, { "category": "product_version", "name": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "product": { "name": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "product_id": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/xerces-j2@2.11.0-34.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch" } } }, { "category": "product_version", "name": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "product": { "name": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "product_id": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/xml-commons-apis@1.4.01-25.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch" } } }, { "category": "product_version", "name": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "product": { "name": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "product_id": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/xml-commons-resolver@1.2-26.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch" } } }, { "category": "product_version", "name": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "product": { "name": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "product_id": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlstreambuffer@1.5.4-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=noarch" } } }, { "category": "product_version", "name": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "product": { "name": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "product_id": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/xsom@0-19.20110809svn.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch" } } }, { "category": "product_version", "name": "pki-core:10.6:8030020200911215836:5ff1562f", "product": { "name": "pki-core:10.6:8030020200911215836:5ff1562f", "product_id": "pki-core:10.6:8030020200911215836:5ff1562f", "product_identification_helper": { "purl": "pkg:rpmmod/redhat/pki-core@10.6:8030020200911215836:5ff1562f" } } }, { "category": "product_version", "name": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "product": { "name": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "product_id": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ldapjdk@4.22.0-1.module%2Bel8.3.0%2B6784%2B6e1e4c62?arch=noarch" } } }, { "category": "product_version", "name": "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "product": { "name": "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "product_id": "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ldapjdk-javadoc@4.22.0-1.module%2Bel8.3.0%2B6784%2B6e1e4c62?arch=noarch" } } }, { "category": "product_version", "name": "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "product": { "name": "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "product_id": "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-base@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch" } } }, { "category": "product_version", "name": "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "product": { "name": "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "product_id": "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-base-java@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch" } } }, { "category": "product_version", "name": "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "product": { "name": "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "product_id": "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-ca@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch" } } }, { "category": "product_version", "name": "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "product": { "name": "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "product_id": "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-kra@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch" } } }, { "category": "product_version", "name": "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "product": { "name": "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "product_id": "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-server@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch" } } }, { "category": "product_version", "name": "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "product": { "name": "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "product_id": "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-pki@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch" } } }, { "category": "product_version", "name": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "product": { "name": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "product_id": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcatjss@7.5.0-1.module%2Bel8.3.0%2B7355%2Bc59bcbd9?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "product": { "name": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "product_id": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-commons-collections@3.2.2-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src" } } }, { "category": "product_version", "name": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "product": { "name": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "product_id": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-commons-lang@2.6-21.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src" } } }, { "category": "product_version", "name": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "product": { "name": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "product_id": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-commons-net@3.6-3.module%2Bel8.3.0%2B6805%2B72837426?arch=src" } } }, { "category": "product_version", "name": "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "product": { "name": "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "product_id": "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/bea-stax@1.2.0-16.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src" } } }, { "category": "product_version", "name": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "product": { "name": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "product_id": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-fastinfoset@1.2.13-9.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src" } } }, { "category": "product_version", "name": "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "product": { "name": "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "product_id": "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jaxb@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src" } } }, { "category": "product_version", "name": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "product": { "name": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "product_id": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jaxb-api@2.2.12-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src" } } }, { "category": "product_version", "name": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "product": { "name": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "product_id": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jackson-annotations@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=src" } } }, { "category": "product_version", "name": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "product": { "name": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "product_id": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jackson-core@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=src" } } }, { "category": "product_version", "name": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "product": { "name": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "product_id": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jackson-databind@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=src" } } }, { "category": "product_version", "name": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "product": { "name": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "product_id": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jackson-jaxrs-providers@2.9.9-1.module%2Bel8.1.0%2B3832%2B9784644d?arch=src" } } }, { "category": "product_version", "name": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "product": { "name": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "product_id": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jackson-module-jaxb-annotations@2.7.6-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src" } } }, { "category": "product_version", "name": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "product": { "name": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "product_id": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jakarta-commons-httpclient@3.1-28.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "product": { "name": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "product_id": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/javassist@3.18.1-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src" } } }, { "category": "product_version", "name": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "product": { "name": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "product_id": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-servlet-engine@9.0.30-1.module%2Bel8.3.0%2B6730%2B8f9c6254?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "product": { "name": "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "product_id": "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src" } } }, { "category": "product_version", "name": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "product": { "name": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "product_id": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/relaxngDatatype@2011.1-7.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src" } } }, { "category": "product_version", "name": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "product": { "name": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "product_id": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/resteasy@3.0.26-3.module%2Bel8.2.0%2B5723%2B4574fbff?arch=src" } } }, { "category": "product_version", "name": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "product": { "name": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "product_id": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/slf4j@1.7.25-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src" } } }, { "category": "product_version", "name": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "product": { "name": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "product_id": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/stax-ex@1.7.7-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=src" } } }, { "category": "product_version", "name": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "product": { "name": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "product_id": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/velocity@1.7-24.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src" } } }, { "category": "product_version", "name": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "product": { "name": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "product_id": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/xalan-j2@2.7.1-38.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src" } } }, { "category": "product_version", "name": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "product": { "name": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "product_id": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/xerces-j2@2.11.0-34.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src" } } }, { "category": "product_version", "name": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "product": { "name": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "product_id": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/xml-commons-apis@1.4.01-25.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src" } } }, { "category": "product_version", "name": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "product": { "name": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "product_id": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/xml-commons-resolver@1.2-26.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src" } } }, { "category": "product_version", "name": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "product": { "name": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "product_id": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlstreambuffer@1.5.4-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=src" } } }, { "category": "product_version", "name": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", "product": { "name": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", "product_id": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/xsom@0-19.20110809svn.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src" } } }, { "category": "product_version", "name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "product": { "name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "product_id": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=src" } } }, { "category": "product_version", "name": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "product": { "name": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "product_id": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ldapjdk@4.22.0-1.module%2Bel8.3.0%2B6784%2B6e1e4c62?arch=src" } } }, { "category": "product_version", "name": "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "product": { "name": "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "product_id": "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-core@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=src" } } }, { "category": "product_version", "name": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "product": { "name": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "product_id": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcatjss@7.5.0-1.module%2Bel8.3.0%2B7355%2Bc59bcbd9?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "product": { "name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "product_id": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64" } } }, { "category": "product_version", "name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "product": { "name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "product_id": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64" } } }, { "category": "product_version", "name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "product": { "name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "product_id": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64" } } }, { "category": "product_version", "name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "product": { "name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "product_id": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64" } } }, { "category": "product_version", "name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "product": { "name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "product_id": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64" } } }, { "category": "product_version", "name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "product": { "name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "product_id": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64" } } }, { "category": "product_version", "name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "product": { "name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "product_id": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64" } } }, { "category": "product_version", "name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "product": { "name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "product_id": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64" } } }, { "category": "product_version", "name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "product": { "name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "product_id": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64" } } }, { "category": "product_version", "name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "product": { "name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "product_id": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64" } } }, { "category": "product_version", "name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "product": { "name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "product_id": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64" } } }, { "category": "product_version", "name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "product": { "name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "product_id": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64" } } }, { "category": "product_version", "name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "product": { "name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "product_id": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64" } } }, { "category": "product_version", "name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "product": { "name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "product_id": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "product": { "name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "product_id": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x" } } }, { "category": "product_version", "name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "product": { "name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "product_id": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x" } } }, { "category": "product_version", "name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "product": { "name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "product_id": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x" } } }, { "category": "product_version", "name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "product": { "name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "product_id": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x" } } }, { "category": "product_version", "name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "product": { "name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "product_id": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x" } } }, { "category": "product_version", "name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "product": { "name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "product_id": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x" } } }, { "category": "product_version", "name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "product": { "name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "product_id": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x" } } }, { "category": "product_version", "name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "product": { "name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "product_id": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x" } } }, { "category": "product_version", "name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "product": { "name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "product_id": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x" } } }, { "category": "product_version", "name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "product": { "name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "product_id": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x" } } }, { "category": "product_version", "name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "product": { "name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "product_id": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x" } } }, { "category": "product_version", "name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "product": { "name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "product_id": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x" } } }, { "category": "product_version", "name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "product": { "name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "product_id": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x" } } }, { "category": "product_version", "name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "product": { "name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "product_id": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "product": { "name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "product_id": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le" } } }, { "category": "product_version", "name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "product": { "name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "product_id": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le" } } }, { "category": "product_version", "name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "product": { "name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "product_id": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le" } } }, { "category": "product_version", "name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "product": { "name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "product_id": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le" } } }, { "category": "product_version", "name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product": { "name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product_id": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le" } } }, { "category": "product_version", "name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product": { "name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product_id": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le" } } }, { "category": "product_version", "name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product": { "name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product_id": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le" } } }, { "category": "product_version", "name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product": { "name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product_id": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le" } } }, { "category": "product_version", "name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product": { "name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product_id": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le" } } }, { "category": "product_version", "name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product": { "name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product_id": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le" } } }, { "category": "product_version", "name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product": { "name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product_id": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le" } } }, { "category": "product_version", "name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product": { "name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product_id": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le" } } }, { "category": "product_version", "name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product": { "name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product_id": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le" } } }, { "category": "product_version", "name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product": { "name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product_id": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "product": { "name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "product_id": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64" } } }, { "category": "product_version", "name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "product": { "name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "product_id": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64" } } }, { "category": "product_version", "name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "product": { "name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "product_id": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64" } } }, { "category": "product_version", "name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "product": { "name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "product_id": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64" } } }, { "category": "product_version", "name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "product": { "name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "product_id": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64" } } }, { "category": "product_version", "name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "product": { "name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "product_id": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64" } } }, { "category": "product_version", "name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "product": { "name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "product_id": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64" } } }, { "category": "product_version", "name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "product": { "name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "product_id": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64" } } }, { "category": "product_version", "name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "product": { "name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "product_id": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64" } } }, { "category": "product_version", "name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "product": { "name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "product_id": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64" } } }, { "category": "product_version", "name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "product": { "name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "product_id": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64" } } }, { "category": "product_version", "name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "product": { "name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "product_id": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64" } } }, { "category": "product_version", "name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "product": { "name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "product_id": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64" } } }, { "category": "product_version", "name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "product": { "name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "product_id": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, "product_reference": "pki-core:10.6:8030020200911215836:5ff1562f", "relates_to_product_reference": "AppStream-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64" }, "product_reference": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le" }, "product_reference": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x" }, "product_reference": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src" }, "product_reference": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64" }, "product_reference": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64" }, "product_reference": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le" }, "product_reference": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x" }, "product_reference": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64" }, "product_reference": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64" }, "product_reference": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le" }, "product_reference": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x" }, "product_reference": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64" }, "product_reference": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64" }, "product_reference": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le" }, "product_reference": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x" }, "product_reference": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64" }, "product_reference": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch" }, "product_reference": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src" }, "product_reference": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch" }, "product_reference": "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch" }, "product_reference": "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch" }, "product_reference": "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch" }, "product_reference": "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src" }, "product_reference": "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64" }, "product_reference": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le" }, "product_reference": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x" }, "product_reference": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64" }, "product_reference": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64" }, "product_reference": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le" }, "product_reference": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x" }, "product_reference": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64" }, "product_reference": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch" }, "product_reference": "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch" }, "product_reference": "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64" }, "product_reference": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le" }, "product_reference": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x" }, "product_reference": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64" }, "product_reference": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64" }, "product_reference": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le" }, "product_reference": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x" }, "product_reference": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64" }, "product_reference": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64" }, "product_reference": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le" }, "product_reference": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x" }, "product_reference": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64" }, "product_reference": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64" }, "product_reference": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le" }, "product_reference": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x" }, "product_reference": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64" }, "product_reference": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch" }, "product_reference": "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch" }, "product_reference": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src" }, "product_reference": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f" }, { "category": "default_component_of", "full_product_name": { "name": "pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, "product_reference": "pki-deps:10.6:8030020200527165326:30b713e6", "relates_to_product_reference": "AppStream-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch" }, "product_reference": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src" }, "product_reference": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch" }, "product_reference": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src" }, "product_reference": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch" }, "product_reference": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src" }, "product_reference": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src" }, "product_reference": "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch" }, "product_reference": "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch" }, "product_reference": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src" }, "product_reference": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src" }, "product_reference": "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch" }, "product_reference": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src" }, "product_reference": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch" }, "product_reference": "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch" }, "product_reference": "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch" }, "product_reference": "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch" }, "product_reference": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src" }, "product_reference": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch" }, "product_reference": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src" }, "product_reference": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch" }, "product_reference": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src" }, "product_reference": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch" }, "product_reference": "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch" }, "product_reference": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src" }, "product_reference": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch" }, "product_reference": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src" }, "product_reference": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch" }, "product_reference": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src" }, "product_reference": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch" }, "product_reference": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src" }, "product_reference": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch" }, "product_reference": "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch" }, "product_reference": "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch" }, "product_reference": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src" }, "product_reference": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src" }, "product_reference": "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64" }, "product_reference": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le" }, "product_reference": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x" }, "product_reference": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64" }, "product_reference": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64" }, "product_reference": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le" }, "product_reference": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x" }, "product_reference": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64" }, "product_reference": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64" }, "product_reference": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le" }, "product_reference": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x" }, "product_reference": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64" }, "product_reference": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64" }, "product_reference": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le" }, "product_reference": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x" }, "product_reference": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64" }, "product_reference": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch" }, "product_reference": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src" }, "product_reference": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch" }, "product_reference": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src" }, "product_reference": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch" }, "product_reference": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src" }, "product_reference": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch" }, "product_reference": "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch" }, "product_reference": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src" }, "product_reference": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch" }, "product_reference": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src" }, "product_reference": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch" }, "product_reference": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src" }, "product_reference": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch" }, "product_reference": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src" }, "product_reference": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch" }, "product_reference": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src" }, "product_reference": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch" }, "product_reference": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src" }, "product_reference": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch" }, "product_reference": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src" }, "product_reference": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch" }, "product_reference": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" }, "product_reference": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", "relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6" } ] }, "vulnerabilities": [ { "cve": "CVE-2015-9251", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2016-11-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1399546" } ], "notes": [ { "category": "description", "text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Cross-site scripting via cross-domain ajax requests", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-9251" }, { "category": "external", "summary": "RHBZ#1399546", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251", "url": "https://www.cve.org/CVERecord?id=CVE-2015-9251" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251" } ], "release_date": "2015-06-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-04T01:39:43+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4847" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Cross-site scripting via cross-domain ajax requests" }, { "cve": "CVE-2016-10735", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-01-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1668097" } ], "notes": [ { "category": "description", "text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: XSS in the data-target attribute", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-10735" }, { "category": "external", "summary": "RHBZ#1668097", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735", "url": "https://www.cve.org/CVERecord?id=CVE-2016-10735" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735" } ], "release_date": "2016-06-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-04T01:39:43+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4847" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "bootstrap: XSS in the data-target attribute" }, { "cve": "CVE-2018-14040", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2018-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1601614" } ], "notes": [ { "category": "description", "text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-14040" }, { "category": "external", "summary": "RHBZ#1601614", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14040" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040" } ], "release_date": "2018-05-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-04T01:39:43+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4847" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute" }, { "cve": "CVE-2018-14042", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2018-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1601617" } ], "notes": [ { "category": "description", "text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-14042" }, { "category": "external", "summary": "RHBZ#1601617", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14042" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042" } ], "release_date": "2018-05-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-04T01:39:43+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4847" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip" }, { "cve": "CVE-2019-8331", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-02-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1686454" } ], "notes": [ { "category": "description", "text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: XSS in the tooltip or popover data-template attribute", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-8331" }, { "category": "external", "summary": "RHBZ#1686454", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331", "url": "https://www.cve.org/CVERecord?id=CVE-2019-8331" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331" } ], "release_date": "2019-02-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-04T01:39:43+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4847" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "bootstrap: XSS in the tooltip or popover data-template attribute" }, { "acknowledgments": [ { "names": [ "Pritam Singh" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2019-10146", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-05-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1710171" } ], "notes": [ { "category": "description", "text": "A Reflected Cross Site Scripting flaw was found in the pki-ca module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page. An attacker could inject a specially crafted value that will be executed on the victim\u0027s browser.", "title": "Vulnerability description" }, { "category": "summary", "text": "pki-core: Reflected XSS in \u0027path length\u0027 constraint field in CA\u0027s Agent page", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is considered Low, because it requires the attacker to first request or predict a valid nonce. Without a valid nonce, no arbitrary HTML will be sent back to the victim\u0027s browser.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10146" }, { "category": "external", "summary": "RHBZ#1710171", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710171" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10146", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10146" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10146", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10146" } ], "release_date": "2020-02-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-04T01:39:43+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4847" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "pki-core: Reflected XSS in \u0027path length\u0027 constraint field in CA\u0027s Agent page" }, { "acknowledgments": [ { "names": [ "Pritam Singh" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2019-10179", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-04-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1695901" } ], "notes": [ { "category": "description", "text": "It was found that the Key Recovery Authority (KRA) Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", "title": "Vulnerability description" }, { "category": "summary", "text": "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA\u0027s DRM agent page in authorize recovery tab", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10179" }, { "category": "external", "summary": "RHBZ#1695901", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695901" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10179", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10179" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10179", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10179" } ], "release_date": "2020-02-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-04T01:39:43+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4847" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA\u0027s DRM agent page in authorize recovery tab" }, { "acknowledgments": [ { "names": [ "Pritam Singh" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2019-10221", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-07-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1732565" } ], "notes": [ { "category": "description", "text": "A Reflected Cross Site Scripting vulnerability was found in the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser.", "title": "Vulnerability description" }, { "category": "summary", "text": "pki-core: Reflected XSS in getcookies?url= endpoint in CA", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10221" }, { "category": "external", "summary": "RHBZ#1732565", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732565" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10221", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10221" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10221", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10221" } ], "release_date": "2020-02-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-04T01:39:43+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4847" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "pki-core: Reflected XSS in getcookies?url= endpoint in CA" }, { "cve": "CVE-2019-11358", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-03-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1701972" } ], "notes": [ { "category": "description", "text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-11358" }, { "category": "external", "summary": "RHBZ#1701972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11358" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358" }, { "category": "external", "summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", "url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/" }, { "category": "external", "summary": "https://www.drupal.org/sa-core-2019-006", "url": "https://www.drupal.org/sa-core-2019-006" } ], "release_date": "2019-03-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-04T01:39:43+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4847" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection" }, { "acknowledgments": [ { "names": [ "Pritam Singh" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2020-1721", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-11-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1777579" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Key Recovery Authority (KRA) Agent Service where it did not properly sanitize the recovery ID during a key recovery request, enabling a Reflected Cross-Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", "title": "Vulnerability description" }, { "category": "summary", "text": "pki-core: KRA vulnerable to reflected XSS via the getPk12 page", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-1721" }, { "category": "external", "summary": "RHBZ#1777579", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1777579" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-1721", "url": "https://www.cve.org/CVERecord?id=CVE-2020-1721" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1721", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1721" } ], "release_date": "2020-02-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-04T01:39:43+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4847" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "pki-core: KRA vulnerable to reflected XSS via the getPk12 page" }, { "acknowledgments": [ { "names": [ "@ZeddYu" ], "organization": "Apache Tomcat Security Team" } ], "cve": "CVE-2020-1935", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2019-12-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1806835" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache Tomcat. The HTTP header parsing code used an approach to end-of-line (EOL) parsing that allowed some invalid HTTP headers to be parsed as valid. This led to the possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. The highest threat with this vulnerability is system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenDaylight in Red Hat OpenStack 10 \u0026 13 was in technical preview status, because of this no fixes will be released for it.\n\nIn Red Hat Satellite 6, Candlepin is using Tomcat to provide a REST API, and has been found to be vulnerable to the flaw. However, it is currently believed that no useful attacks can be carried over.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-1935" }, { "category": "external", "summary": "RHBZ#1806835", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806835" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-1935", "url": "https://www.cve.org/CVERecord?id=CVE-2020-1935" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1935", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1935" }, { "category": "external", "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100", "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100" }, { "category": "external", "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51", "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51" }, { "category": "external", "summary": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31", "url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31" } ], "release_date": "2020-02-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-04T01:39:43+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4847" }, { "category": "workaround", "details": "Workaround for Red Hat Satellite 6 is to add iptables rule to deny TCP requests of Tomcat that are not originating from the Satellite.\n\nFor other Red Hat products, either mitigation isn\u0027t available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling" }, { "cve": "CVE-2020-1938", "cwe": { "id": "CWE-285", "name": "Improper Authorization" }, "discovery_date": "2020-02-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1806398" } ], "notes": [ { "category": "description", "text": "CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances where the vulnerable server allows file uploads, an attacker could upload malicious JavaServer Pages (JSP) code within a variety of file types and trigger this vulnerability to gain remote code execution (RCE).", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251 and CVE page https://access.redhat.com/security/cve/cve-2020-1745", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-1938" }, { "category": "external", "summary": "RHBZ#1806398", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806398" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-1938", "url": "https://www.cve.org/CVERecord?id=CVE-2020-1938" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1938", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1938" }, { "category": "external", "summary": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/", "url": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/" }, { "category": "external", "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100", "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100" }, { "category": "external", "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51", "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51" }, { "category": "external", "summary": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31", "url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31" }, { "category": "external", "summary": "https://www.cnvd.org.cn/webinfo/show/5415", "url": "https://www.cnvd.org.cn/webinfo/show/5415" }, { "category": "external", "summary": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487", "url": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2020-02-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-04T01:39:43+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4847" }, { "category": "workaround", "details": "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251", "product_ids": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", "version": "3.1" }, "products": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] } ], "threats": [ { "category": "exploit_status", "date": "2022-03-03T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Moderate" } ], "title": "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability" }, { "cve": "CVE-2020-11022", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-04-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1828406" } ], "notes": [ { "category": "description", "text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method", "title": "Vulnerability summary" }, { "category": "other", "text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11022" }, { "category": "external", "summary": "RHBZ#1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11022" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2", "url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2" } ], "release_date": "2020-04-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-04T01:39:43+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4847" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method" }, { "cve": "CVE-2020-11023", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1850004" } ], "notes": [ { "category": "description", "text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11023" }, { "category": "external", "summary": "RHBZ#1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023" }, { "category": "external", "summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/" } ], "release_date": "2020-04-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-04T01:39:43+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4847" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods" }, { "acknowledgments": [ { "names": [ "Christian Heimes" ] } ], "cve": "CVE-2020-15720", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2020-06-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1855273" } ], "notes": [ { "category": "description", "text": "A flaw was found in PKI, where the dogtag\u0027s pki.client.PKIConnection class disables the python-requests certificate validation. This flaw allows an attacker to intercept a connection between a FreeIPA client and a server, and execute an active Man-in-the-Middle attack. The highest threat from this vulnerability is to confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "pki: Dogtag\u0027s python client does not validate certificates", "title": "Vulnerability summary" }, { "category": "other", "text": "In PKI, the pki.client.PKIConnection python class is used by the `pki-server` and `pkispawn` commands. `pki-server` runs locally on the server, thus not subject to a Person in the Middle attack. `pkispawn` may access remote node in decentralized or cloned contexts.\n\nIdentity Management (IPA) command line interface (the vault related sub-commands) may call pki.client.PKIConnection().", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-15720" }, { "category": "external", "summary": "RHBZ#1855273", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1855273" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-15720", "url": "https://www.cve.org/CVERecord?id=CVE-2020-15720" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15720", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15720" } ], "release_date": "2020-06-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-04T01:39:43+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4847" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "pki: Dogtag\u0027s python client does not validate certificates" }, { "cve": "CVE-2020-25715", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-10-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1891016" } ], "notes": [ { "category": "description", "text": "A flaw was found in pki-core. A specially crafted POST request can be used to reflect a DOM-based cross-site scripting (XSS) attack to inject code into the search query form which can get automatically executed. The highest threat from this vulnerability is to data integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "pki-core: XSS in the certificate search results", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 8.3 (pki-core 10.9.4) contains mitigations that prevents the vulnerability to be exploited. Red Hat Enterprise Linux version 8 prior to 8.3 are vulnerable to this version", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-25715" }, { "category": "external", "summary": "RHBZ#1891016", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891016" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-25715", "url": "https://www.cve.org/CVERecord?id=CVE-2020-25715" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25715", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25715" } ], "release_date": "2021-03-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-04T01:39:43+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4847" }, { "category": "workaround", "details": "Because the cross-site scripting (XSS) attack requires the victim to have their RHCS certificate installed in their web browser to be successful, it is recommended that web browser not hold the keys and that the user use the command line interface (CLI) instead.", "product_ids": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "pki-core: XSS in the certificate search results" }, { "cve": "CVE-2022-25762", "cwe": { "id": "CWE-226", "name": "Sensitive Information in Resource Not Removed Before Reuse" }, "discovery_date": "2022-05-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2085304" } ], "notes": [ { "category": "description", "text": "A flaw was found in the tomcat package. When a web application sends a WebSocket message concurrently with the WebSocket connection closing, the application may continue to use the socket after it has been closed. In this case, the error handling triggered could cause the pooled object to be placed in the pool twice. This issue results in subsequent connections using the same object concurrently, which causes data to be potentially returned to the wrong user or application stability issues.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: request mixup", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-25762" }, { "category": "external", "summary": "RHBZ#2085304", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2085304" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-25762", "url": "https://www.cve.org/CVERecord?id=CVE-2022-25762" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25762", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25762" }, { "category": "external", "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.76", "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.76" } ], "release_date": "2022-05-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-04T01:39:43+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4847" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", "version": "3.1" }, "products": [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tomcat: request mixup" } ] }
rhsa-2020_3369
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for OpenShift Service Mesh 1.1.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.\n\nSecurity Fix(es):\n\n* golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic (CVE-2020-9283)\n\n* nodejs-lodash: prototype pollution in zipObjectDeep function (CVE-2020-8203)\n\n* jQuery: passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\n* macaron: open redirect in the static handler (CVE-2020-12666)\n\n* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:3369", "url": "https://access.redhat.com/errata/RHSA-2020:3369" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1804533", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1804533" }, { "category": "external", "summary": "1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "1850034", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850034" }, { "category": "external", "summary": "1853652", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853652" }, { "category": "external", "summary": "1857412", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857412" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3369.json" } ], "title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh security update", "tracking": { "current_release_date": "2024-11-15T08:35:46+00:00", "generator": { "date": "2024-11-15T08:35:46+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:3369", "initial_release_date": "2020-08-06T20:19:17+00:00", "revision_history": [ { "date": "2020-08-06T20:19:17+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-08-06T20:19:17+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T08:35:46+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "OpenShift Service Mesh 1.1", "product": { "name": "OpenShift Service Mesh 1.1", "product_id": "8Base-OSSM-1.1", "product_identification_helper": { "cpe": "cpe:/a:redhat:service_mesh:1.1::el8" } } }, { "category": "product_name", "name": "Red Hat OpenShift Service Mesh 1.1", "product": { "name": "Red Hat OpenShift Service Mesh 1.1", "product_id": "7Server-RH7-RHOSSM-1.1", "product_identification_helper": { "cpe": "cpe:/a:redhat:service_mesh:1.1::el7" } } } ], "category": "product_family", "name": "Red Hat OpenShift Service Mesh" }, { "branches": [ { "category": "product_version", "name": "ior-0:1.1.6-1.el8.x86_64", "product": { "name": "ior-0:1.1.6-1.el8.x86_64", "product_id": "ior-0:1.1.6-1.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ior@1.1.6-1.el8?arch=x86_64" } } }, { "category": "product_version", "name": "servicemesh-0:1.1.6-1.el8.x86_64", "product": { "name": "servicemesh-0:1.1.6-1.el8.x86_64", "product_id": "servicemesh-0:1.1.6-1.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/servicemesh@1.1.6-1.el8?arch=x86_64" } } }, { "category": "product_version", "name": "servicemesh-citadel-0:1.1.6-1.el8.x86_64", "product": { "name": "servicemesh-citadel-0:1.1.6-1.el8.x86_64", "product_id": "servicemesh-citadel-0:1.1.6-1.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/servicemesh-citadel@1.1.6-1.el8?arch=x86_64" } } }, { "category": "product_version", "name": "servicemesh-galley-0:1.1.6-1.el8.x86_64", "product": { "name": "servicemesh-galley-0:1.1.6-1.el8.x86_64", "product_id": "servicemesh-galley-0:1.1.6-1.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/servicemesh-galley@1.1.6-1.el8?arch=x86_64" } } }, { "category": "product_version", "name": "servicemesh-istioctl-0:1.1.6-1.el8.x86_64", "product": { "name": "servicemesh-istioctl-0:1.1.6-1.el8.x86_64", "product_id": "servicemesh-istioctl-0:1.1.6-1.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/servicemesh-istioctl@1.1.6-1.el8?arch=x86_64" } } }, { "category": "product_version", "name": "servicemesh-mixc-0:1.1.6-1.el8.x86_64", "product": { "name": "servicemesh-mixc-0:1.1.6-1.el8.x86_64", "product_id": "servicemesh-mixc-0:1.1.6-1.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/servicemesh-mixc@1.1.6-1.el8?arch=x86_64" } } }, { "category": "product_version", "name": "servicemesh-mixs-0:1.1.6-1.el8.x86_64", "product": { "name": "servicemesh-mixs-0:1.1.6-1.el8.x86_64", "product_id": "servicemesh-mixs-0:1.1.6-1.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/servicemesh-mixs@1.1.6-1.el8?arch=x86_64" } } }, { "category": "product_version", "name": "servicemesh-pilot-agent-0:1.1.6-1.el8.x86_64", "product": { "name": "servicemesh-pilot-agent-0:1.1.6-1.el8.x86_64", "product_id": "servicemesh-pilot-agent-0:1.1.6-1.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/servicemesh-pilot-agent@1.1.6-1.el8?arch=x86_64" } } }, { "category": "product_version", "name": "servicemesh-pilot-discovery-0:1.1.6-1.el8.x86_64", "product": { "name": "servicemesh-pilot-discovery-0:1.1.6-1.el8.x86_64", "product_id": "servicemesh-pilot-discovery-0:1.1.6-1.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/servicemesh-pilot-discovery@1.1.6-1.el8?arch=x86_64" } } }, { "category": "product_version", "name": "servicemesh-sidecar-injector-0:1.1.6-1.el8.x86_64", "product": { "name": "servicemesh-sidecar-injector-0:1.1.6-1.el8.x86_64", "product_id": "servicemesh-sidecar-injector-0:1.1.6-1.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/servicemesh-sidecar-injector@1.1.6-1.el8?arch=x86_64" } } }, { "category": "product_version", "name": "servicemesh-prometheus-0:2.14.0-14.el8.x86_64", "product": { "name": "servicemesh-prometheus-0:2.14.0-14.el8.x86_64", "product_id": "servicemesh-prometheus-0:2.14.0-14.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/servicemesh-prometheus@2.14.0-14.el8?arch=x86_64" } } }, { "category": "product_version", "name": "servicemesh-grafana-0:6.4.3-13.el8.x86_64", "product": { "name": "servicemesh-grafana-0:6.4.3-13.el8.x86_64", "product_id": "servicemesh-grafana-0:6.4.3-13.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/servicemesh-grafana@6.4.3-13.el8?arch=x86_64" } } }, { "category": "product_version", "name": "servicemesh-grafana-prometheus-0:6.4.3-13.el8.x86_64", "product": { "name": "servicemesh-grafana-prometheus-0:6.4.3-13.el8.x86_64", "product_id": "servicemesh-grafana-prometheus-0:6.4.3-13.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/servicemesh-grafana-prometheus@6.4.3-13.el8?arch=x86_64" } } }, { "category": "product_version", "name": "servicemesh-cni-0:1.1.6-1.el8.x86_64", "product": { "name": "servicemesh-cni-0:1.1.6-1.el8.x86_64", "product_id": "servicemesh-cni-0:1.1.6-1.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/servicemesh-cni@1.1.6-1.el8?arch=x86_64" } } }, { "category": "product_version", "name": "servicemesh-operator-0:1.1.6-2.el8.x86_64", "product": { "name": "servicemesh-operator-0:1.1.6-2.el8.x86_64", "product_id": "servicemesh-operator-0:1.1.6-2.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/servicemesh-operator@1.1.6-2.el8?arch=x86_64" } } }, { "category": "product_version", "name": "kiali-0:v1.12.10.redhat2-1.el7.x86_64", "product": { "name": "kiali-0:v1.12.10.redhat2-1.el7.x86_64", "product_id": "kiali-0:v1.12.10.redhat2-1.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kiali@v1.12.10.redhat2-1.el7?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "ior-0:1.1.6-1.el8.src", "product": { "name": "ior-0:1.1.6-1.el8.src", "product_id": "ior-0:1.1.6-1.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ior@1.1.6-1.el8?arch=src" } } }, { "category": "product_version", "name": "servicemesh-0:1.1.6-1.el8.src", "product": { "name": "servicemesh-0:1.1.6-1.el8.src", "product_id": "servicemesh-0:1.1.6-1.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/servicemesh@1.1.6-1.el8?arch=src" } } }, { "category": "product_version", "name": "servicemesh-prometheus-0:2.14.0-14.el8.src", "product": { "name": "servicemesh-prometheus-0:2.14.0-14.el8.src", "product_id": "servicemesh-prometheus-0:2.14.0-14.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/servicemesh-prometheus@2.14.0-14.el8?arch=src" } } }, { "category": "product_version", "name": "servicemesh-grafana-0:6.4.3-13.el8.src", "product": { "name": "servicemesh-grafana-0:6.4.3-13.el8.src", "product_id": "servicemesh-grafana-0:6.4.3-13.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/servicemesh-grafana@6.4.3-13.el8?arch=src" } } }, { "category": "product_version", "name": "servicemesh-cni-0:1.1.6-1.el8.src", "product": { "name": "servicemesh-cni-0:1.1.6-1.el8.src", "product_id": "servicemesh-cni-0:1.1.6-1.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/servicemesh-cni@1.1.6-1.el8?arch=src" } } }, { "category": "product_version", "name": "servicemesh-operator-0:1.1.6-2.el8.src", "product": { "name": "servicemesh-operator-0:1.1.6-2.el8.src", "product_id": "servicemesh-operator-0:1.1.6-2.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/servicemesh-operator@1.1.6-2.el8?arch=src" } } }, { "category": "product_version", "name": "kiali-0:v1.12.10.redhat2-1.el7.src", "product": { "name": "kiali-0:v1.12.10.redhat2-1.el7.src", "product_id": "kiali-0:v1.12.10.redhat2-1.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kiali@v1.12.10.redhat2-1.el7?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kiali-0:v1.12.10.redhat2-1.el7.src as a component of Red Hat OpenShift Service Mesh 1.1", "product_id": "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.src" }, "product_reference": "kiali-0:v1.12.10.redhat2-1.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSSM-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "kiali-0:v1.12.10.redhat2-1.el7.x86_64 as a component of Red Hat OpenShift Service Mesh 1.1", "product_id": "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.x86_64" }, "product_reference": "kiali-0:v1.12.10.redhat2-1.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSSM-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "ior-0:1.1.6-1.el8.src as a component of OpenShift Service Mesh 1.1", "product_id": "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.src" }, "product_reference": "ior-0:1.1.6-1.el8.src", "relates_to_product_reference": "8Base-OSSM-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "ior-0:1.1.6-1.el8.x86_64 as a component of OpenShift Service Mesh 1.1", "product_id": "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.x86_64" }, "product_reference": "ior-0:1.1.6-1.el8.x86_64", "relates_to_product_reference": "8Base-OSSM-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "servicemesh-0:1.1.6-1.el8.src as a component of OpenShift Service Mesh 1.1", "product_id": "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.src" }, "product_reference": "servicemesh-0:1.1.6-1.el8.src", "relates_to_product_reference": "8Base-OSSM-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "servicemesh-0:1.1.6-1.el8.x86_64 as a component of OpenShift Service Mesh 1.1", "product_id": "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.x86_64" }, "product_reference": "servicemesh-0:1.1.6-1.el8.x86_64", "relates_to_product_reference": "8Base-OSSM-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "servicemesh-citadel-0:1.1.6-1.el8.x86_64 as a component of OpenShift Service Mesh 1.1", "product_id": "8Base-OSSM-1.1:servicemesh-citadel-0:1.1.6-1.el8.x86_64" }, "product_reference": "servicemesh-citadel-0:1.1.6-1.el8.x86_64", "relates_to_product_reference": "8Base-OSSM-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "servicemesh-cni-0:1.1.6-1.el8.src as a component of OpenShift Service Mesh 1.1", "product_id": "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.src" }, "product_reference": "servicemesh-cni-0:1.1.6-1.el8.src", "relates_to_product_reference": "8Base-OSSM-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "servicemesh-cni-0:1.1.6-1.el8.x86_64 as a component of OpenShift Service Mesh 1.1", "product_id": "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.x86_64" }, "product_reference": "servicemesh-cni-0:1.1.6-1.el8.x86_64", "relates_to_product_reference": "8Base-OSSM-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "servicemesh-galley-0:1.1.6-1.el8.x86_64 as a component of OpenShift Service Mesh 1.1", "product_id": "8Base-OSSM-1.1:servicemesh-galley-0:1.1.6-1.el8.x86_64" }, "product_reference": "servicemesh-galley-0:1.1.6-1.el8.x86_64", "relates_to_product_reference": "8Base-OSSM-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "servicemesh-grafana-0:6.4.3-13.el8.src as a component of OpenShift Service Mesh 1.1", "product_id": "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.src" }, "product_reference": "servicemesh-grafana-0:6.4.3-13.el8.src", "relates_to_product_reference": "8Base-OSSM-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "servicemesh-grafana-0:6.4.3-13.el8.x86_64 as a component of OpenShift Service Mesh 1.1", "product_id": "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.x86_64" }, "product_reference": "servicemesh-grafana-0:6.4.3-13.el8.x86_64", "relates_to_product_reference": "8Base-OSSM-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "servicemesh-grafana-prometheus-0:6.4.3-13.el8.x86_64 as a component of OpenShift Service Mesh 1.1", "product_id": "8Base-OSSM-1.1:servicemesh-grafana-prometheus-0:6.4.3-13.el8.x86_64" }, "product_reference": "servicemesh-grafana-prometheus-0:6.4.3-13.el8.x86_64", "relates_to_product_reference": "8Base-OSSM-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "servicemesh-istioctl-0:1.1.6-1.el8.x86_64 as a component of OpenShift Service Mesh 1.1", "product_id": "8Base-OSSM-1.1:servicemesh-istioctl-0:1.1.6-1.el8.x86_64" }, "product_reference": "servicemesh-istioctl-0:1.1.6-1.el8.x86_64", "relates_to_product_reference": "8Base-OSSM-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "servicemesh-mixc-0:1.1.6-1.el8.x86_64 as a component of OpenShift Service Mesh 1.1", "product_id": "8Base-OSSM-1.1:servicemesh-mixc-0:1.1.6-1.el8.x86_64" }, "product_reference": "servicemesh-mixc-0:1.1.6-1.el8.x86_64", "relates_to_product_reference": "8Base-OSSM-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "servicemesh-mixs-0:1.1.6-1.el8.x86_64 as a component of OpenShift Service Mesh 1.1", "product_id": "8Base-OSSM-1.1:servicemesh-mixs-0:1.1.6-1.el8.x86_64" }, "product_reference": "servicemesh-mixs-0:1.1.6-1.el8.x86_64", "relates_to_product_reference": "8Base-OSSM-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "servicemesh-operator-0:1.1.6-2.el8.src as a component of OpenShift Service Mesh 1.1", "product_id": "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.src" }, "product_reference": "servicemesh-operator-0:1.1.6-2.el8.src", "relates_to_product_reference": "8Base-OSSM-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "servicemesh-operator-0:1.1.6-2.el8.x86_64 as a component of OpenShift Service Mesh 1.1", "product_id": "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.x86_64" }, "product_reference": "servicemesh-operator-0:1.1.6-2.el8.x86_64", "relates_to_product_reference": "8Base-OSSM-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "servicemesh-pilot-agent-0:1.1.6-1.el8.x86_64 as a component of OpenShift Service Mesh 1.1", "product_id": "8Base-OSSM-1.1:servicemesh-pilot-agent-0:1.1.6-1.el8.x86_64" }, "product_reference": "servicemesh-pilot-agent-0:1.1.6-1.el8.x86_64", "relates_to_product_reference": "8Base-OSSM-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "servicemesh-pilot-discovery-0:1.1.6-1.el8.x86_64 as a component of OpenShift Service Mesh 1.1", "product_id": "8Base-OSSM-1.1:servicemesh-pilot-discovery-0:1.1.6-1.el8.x86_64" }, "product_reference": "servicemesh-pilot-discovery-0:1.1.6-1.el8.x86_64", "relates_to_product_reference": "8Base-OSSM-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "servicemesh-prometheus-0:2.14.0-14.el8.src as a component of OpenShift Service Mesh 1.1", "product_id": "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.src" }, "product_reference": "servicemesh-prometheus-0:2.14.0-14.el8.src", "relates_to_product_reference": "8Base-OSSM-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "servicemesh-prometheus-0:2.14.0-14.el8.x86_64 as a component of OpenShift Service Mesh 1.1", "product_id": "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.x86_64" }, "product_reference": "servicemesh-prometheus-0:2.14.0-14.el8.x86_64", "relates_to_product_reference": "8Base-OSSM-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "servicemesh-sidecar-injector-0:1.1.6-1.el8.x86_64 as a component of OpenShift Service Mesh 1.1", "product_id": "8Base-OSSM-1.1:servicemesh-sidecar-injector-0:1.1.6-1.el8.x86_64" }, "product_reference": "servicemesh-sidecar-injector-0:1.1.6-1.el8.x86_64", "relates_to_product_reference": "8Base-OSSM-1.1" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-8203", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2020-07-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1857412" } ], "notes": [ { "category": "description", "text": "A flaw was found in nodejs-lodash in versions 4.17.15 and earlier. A prototype pollution attack is possible which can lead to arbitrary code execution. The primary threat from this vulnerability is to data integrity and system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-lodash: prototype pollution in zipObjectDeep function", "title": "Vulnerability summary" }, { "category": "other", "text": "In OpenShift ServiceMesh (OSSM), Red Hat OpenShift Jaeger (RHOSJ) and Red Hat OpenShift Container Platform (RHOCP), the affected containers are behind OpenShift OAuth authentication. This restricts access to the vulnerable nodejs-lodash library to authenticated users only, therefore the impact is low.\n\nRed Hat OpenShift Container Platform 4 delivers the kibana package where the nodejs-lodash library is used, but due to the code changing to the container first content the kibana package is marked as wontfix. This may be fixed in the future.\n\nRed Hat Virtualization uses vulnerable version of nodejs-lodash, however zipObjectDeep is not used, therefore the impact is low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.src", "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.x86_64", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-citadel-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-galley-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.src", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-prometheus-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-istioctl-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixc-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixs-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.src", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-agent-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-discovery-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.src", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.x86_64", "8Base-OSSM-1.1:servicemesh-sidecar-injector-0:1.1.6-1.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-8203" }, { "category": "external", "summary": "RHBZ#1857412", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857412" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-8203", "url": "https://www.cve.org/CVERecord?id=CVE-2020-8203" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8203", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8203" }, { "category": "external", "summary": "https://hackerone.com/reports/712065", "url": "https://hackerone.com/reports/712065" }, { "category": "external", "summary": "https://www.npmjs.com/advisories/1523", "url": "https://www.npmjs.com/advisories/1523" } ], "release_date": "2020-04-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-08-06T20:19:17+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.src", "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.x86_64", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-citadel-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-galley-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.src", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-prometheus-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-istioctl-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixc-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixs-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.src", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-agent-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-discovery-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.src", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.x86_64", "8Base-OSSM-1.1:servicemesh-sidecar-injector-0:1.1.6-1.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3369" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1" }, "products": [ "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.src", "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.x86_64", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-citadel-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-galley-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.src", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-prometheus-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-istioctl-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixc-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixs-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.src", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-agent-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-discovery-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.src", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.x86_64", "8Base-OSSM-1.1:servicemesh-sidecar-injector-0:1.1.6-1.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs-lodash: prototype pollution in zipObjectDeep function" }, { "cve": "CVE-2020-9283", "cwe": { "id": "CWE-130", "name": "Improper Handling of Length Parameter Inconsistency" }, "discovery_date": "2020-02-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1804533" } ], "notes": [ { "category": "description", "text": "A denial of service vulnerability was found in the SSH package of the golang.org/x/crypto library. An attacker could exploit this flaw by supplying crafted SSH ed25519 keys to cause a crash in applications that use this package as either an SSH client or server.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform uses the vulnerable library in a number of components but strictly as an SSH client. The severity of this vulnerability is reduced for clients as it requires connections to malicious SSH servers, with the maximum impact only a client crash. This vulnerability is rated Low for OpenShift Container Platform.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.src", "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.x86_64", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-citadel-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-galley-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.src", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-prometheus-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-istioctl-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixc-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixs-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.src", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-agent-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-discovery-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.src", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.x86_64", "8Base-OSSM-1.1:servicemesh-sidecar-injector-0:1.1.6-1.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-9283" }, { "category": "external", "summary": "RHBZ#1804533", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1804533" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-9283", "url": "https://www.cve.org/CVERecord?id=CVE-2020-9283" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9283", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9283" }, { "category": "external", "summary": "https://groups.google.com/forum/#!topic/golang-announce/3L45YRc91SY", "url": "https://groups.google.com/forum/#!topic/golang-announce/3L45YRc91SY" } ], "release_date": "2020-02-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-08-06T20:19:17+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.src", "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.x86_64", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-citadel-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-galley-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.src", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-prometheus-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-istioctl-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixc-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixs-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.src", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-agent-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-discovery-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.src", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.x86_64", "8Base-OSSM-1.1:servicemesh-sidecar-injector-0:1.1.6-1.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3369" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.src", "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.x86_64", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-citadel-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-galley-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.src", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-prometheus-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-istioctl-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixc-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixs-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.src", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-agent-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-discovery-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.src", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.x86_64", "8Base-OSSM-1.1:servicemesh-sidecar-injector-0:1.1.6-1.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic" }, { "cve": "CVE-2020-11023", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1850004" } ], "notes": [ { "category": "description", "text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.src", "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.x86_64", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-citadel-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-galley-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.src", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-prometheus-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-istioctl-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixc-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixs-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.src", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-agent-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-discovery-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.src", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.x86_64", "8Base-OSSM-1.1:servicemesh-sidecar-injector-0:1.1.6-1.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11023" }, { "category": "external", "summary": "RHBZ#1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023" }, { "category": "external", "summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/" } ], "release_date": "2020-04-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-08-06T20:19:17+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.src", "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.x86_64", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-citadel-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-galley-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.src", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-prometheus-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-istioctl-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixc-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixs-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.src", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-agent-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-discovery-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.src", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.x86_64", "8Base-OSSM-1.1:servicemesh-sidecar-injector-0:1.1.6-1.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3369" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.src", "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.x86_64", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-citadel-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-galley-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.src", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-prometheus-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-istioctl-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixc-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixs-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.src", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-agent-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-discovery-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.src", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.x86_64", "8Base-OSSM-1.1:servicemesh-sidecar-injector-0:1.1.6-1.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods" }, { "cve": "CVE-2020-12666", "cwe": { "id": "CWE-601", "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)" }, "discovery_date": "2020-06-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1850034" } ], "notes": [ { "category": "description", "text": "A flaw was found in macaron. Path URLs aren\u0027t cleaned before being redirected creating an open redirect in the static handler.", "title": "Vulnerability description" }, { "category": "summary", "text": "macaron: open redirect in the static handler", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue has a low impact on both OpenShift Container Platform and OpenShift Service Mesh grafana containers. As neither components make use of the Static handler the impact is Low. A future version of Grafana may use the Macaron Static handler so we may fix this in a future release.\n\nRed Hat Ceph Storage (RHCS) versions 3 and 4 use Grafana where the affected version of the macaron package is delivered. However the Static handler is not used by Ceph hence the impact by this vulnerability is Low. Ceph-2 has reached End of Extended Life Cycle Support and no longer fixing moderates/lows.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.src", "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.x86_64", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-citadel-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-galley-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.src", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-prometheus-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-istioctl-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixc-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixs-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.src", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-agent-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-discovery-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.src", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.x86_64", "8Base-OSSM-1.1:servicemesh-sidecar-injector-0:1.1.6-1.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-12666" }, { "category": "external", "summary": "RHBZ#1850034", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850034" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-12666", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12666" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-12666", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12666" } ], "release_date": "2020-05-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-08-06T20:19:17+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.src", "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.x86_64", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-citadel-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-galley-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.src", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-prometheus-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-istioctl-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixc-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixs-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.src", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-agent-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-discovery-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.src", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.x86_64", "8Base-OSSM-1.1:servicemesh-sidecar-injector-0:1.1.6-1.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3369" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.src", "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.x86_64", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-citadel-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-galley-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.src", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-prometheus-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-istioctl-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixc-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixs-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.src", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-agent-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-discovery-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.src", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.x86_64", "8Base-OSSM-1.1:servicemesh-sidecar-injector-0:1.1.6-1.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "macaron: open redirect in the static handler" }, { "cve": "CVE-2020-14040", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "discovery_date": "2020-06-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1853652" } ], "notes": [ { "category": "description", "text": "A denial of service vulnerability was found in the golang.org/x/text library. A library or application must use one of the vulnerable functions, such as unicode.Transform, transform.String, or transform.Byte, to be susceptible to this vulnerability. If an attacker is able to supply specific characters or strings to the vulnerable application, there is the potential to cause an infinite loop to occur using more memory, resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash", "title": "Vulnerability summary" }, { "category": "other", "text": "* OpenShift ServiceMesh (OSSM) 1.0 is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities. Jaeger was packaged with ServiceMesh in 1.0, and hence is also marked OOSS, but the Jaeger-Operator is a standalone product and is affected by this vulnerability.\n\n* Because Service Telemetry Framework does not directly use unicode.UTF16, no update will be provided at this time for STF\u0027s sg-core-container.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.src", "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.x86_64", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-citadel-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-galley-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.src", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-prometheus-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-istioctl-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixc-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixs-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.src", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-agent-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-discovery-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.src", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.x86_64", "8Base-OSSM-1.1:servicemesh-sidecar-injector-0:1.1.6-1.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-14040" }, { "category": "external", "summary": "RHBZ#1853652", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853652" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-14040", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14040" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14040", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14040" }, { "category": "external", "summary": "https://github.com/golang/go/issues/39491", "url": "https://github.com/golang/go/issues/39491" }, { "category": "external", "summary": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0", "url": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0" } ], "release_date": "2020-06-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-08-06T20:19:17+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.src", "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.x86_64", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-citadel-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-galley-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.src", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-prometheus-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-istioctl-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixc-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixs-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.src", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-agent-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-discovery-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.src", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.x86_64", "8Base-OSSM-1.1:servicemesh-sidecar-injector-0:1.1.6-1.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3369" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.src", "7Server-RH7-RHOSSM-1.1:kiali-0:v1.12.10.redhat2-1.el7.x86_64", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:ior-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-citadel-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.src", "8Base-OSSM-1.1:servicemesh-cni-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-galley-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.src", "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-grafana-prometheus-0:6.4.3-13.el8.x86_64", "8Base-OSSM-1.1:servicemesh-istioctl-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixc-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-mixs-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.src", "8Base-OSSM-1.1:servicemesh-operator-0:1.1.6-2.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-agent-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-pilot-discovery-0:1.1.6-1.el8.x86_64", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.src", "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-14.el8.x86_64", "8Base-OSSM-1.1:servicemesh-sidecar-injector-0:1.1.6-1.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash" } ] }
rhsa-2023_1044
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "New Red Hat Single Sign-On 7.6.2 packages are now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.6.2 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n* keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)\n* Moment.js: Path traversal in moment.locale (CVE-2022-24785)\n* keycloak: missing email notification template allowlist (CVE-2022-1274)\n* keycloak: minimist: prototype pollution (CVE-2021-44906)\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n* undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations (CVE-2022-2764)\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n* loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)\n* keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)\n* keycloak: path traversal via double URL encoding (CVE-2022-3782)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)\n* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)\n* keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)\n* keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)\n* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)\n* keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)\n* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)\n* rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n* jquery: Passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)\n* keycloak: reflected XSS attack (CVE-2022-4137)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:1044", "url": "https://access.redhat.com/errata/RHSA-2023:1044" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1601614", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614" }, { "category": "external", "summary": "1601617", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617" }, { "category": "external", "summary": "1701972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" }, { "category": "external", "summary": "1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "2031904", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904" }, { "category": "external", "summary": "2066009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009" }, { "category": "external", "summary": "2072009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009" }, { "category": "external", "summary": "2073157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157" }, { "category": "external", "summary": "2105075", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075" }, { "category": "external", "summary": "2117506", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506" }, { "category": "external", "summary": "2126789", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789" }, { "category": "external", "summary": "2129706", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706" }, { "category": "external", "summary": "2129707", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707" }, { "category": "external", "summary": "2129709", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709" }, { "category": "external", "summary": "2135244", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244" }, { "category": "external", "summary": "2135247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247" }, { "category": "external", "summary": "2135770", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770" }, { "category": "external", "summary": "2135771", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771" }, { "category": "external", "summary": "2138971", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138971" }, { "category": "external", "summary": "2140597", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597" }, { "category": "external", "summary": "2141404", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404" }, { "category": "external", "summary": "2145194", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194" }, { "category": "external", "summary": "2148496", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496" }, { "category": "external", "summary": "2150009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009" }, { "category": "external", "summary": "2155681", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681" }, { "category": "external", "summary": "2155682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682" }, { "category": "external", "summary": "2155970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970" }, { "category": "external", "summary": "2156263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263" }, { "category": "external", "summary": "2156324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324" }, { "category": "external", "summary": "2158585", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585" }, { "category": "external", "summary": "2160585", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1044.json" } ], "title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 8", "tracking": { "current_release_date": "2024-11-21T21:15:18+00:00", "generator": { "date": "2024-11-21T21:15:18+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2023:1044", "initial_release_date": "2023-03-01T21:45:12+00:00", "revision_history": [ { "date": "2023-03-01T21:45:12+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-03-01T21:45:12+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-21T21:15:18+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Single Sign-On 7.6 for RHEL 8", "product": { "name": "Red Hat Single Sign-On 7.6 for RHEL 8", "product_id": "8Base-RHSSO-7.6", "product_identification_helper": { "cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6::el8" } } } ], "category": "product_family", "name": "Red Hat Single Sign-On" }, { "branches": [ { "category": "product_version", "name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "product": { "name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "product_id": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1.el8sso?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "product": { "name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "product_id": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1.el8sso?arch=noarch" } } }, { "category": "product_version", "name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "product": { "name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "product_id": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-sso7-keycloak-server@18.0.6-1.redhat_00001.1.el8sso?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch as a component of Red Hat Single Sign-On 7.6 for RHEL 8", "product_id": "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch" }, "product_reference": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "relates_to_product_reference": "8Base-RHSSO-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src as a component of Red Hat Single Sign-On 7.6 for RHEL 8", "product_id": "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src" }, "product_reference": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "relates_to_product_reference": "8Base-RHSSO-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch as a component of Red Hat Single Sign-On 7.6 for RHEL 8", "product_id": "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" }, "product_reference": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "relates_to_product_reference": "8Base-RHSSO-7.6" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-14040", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2018-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1601614" } ], "notes": [ { "category": "description", "text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-14040" }, { "category": "external", "summary": "RHBZ#1601614", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14040" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040" } ], "release_date": "2018-05-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute" }, { "cve": "CVE-2018-14042", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2018-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1601617" } ], "notes": [ { "category": "description", "text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.", "title": "Vulnerability description" }, { "category": "summary", "text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-14042" }, { "category": "external", "summary": "RHBZ#1601617", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14042" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042" } ], "release_date": "2018-05-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip" }, { "cve": "CVE-2019-11358", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-03-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1701972" } ], "notes": [ { "category": "description", "text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-11358" }, { "category": "external", "summary": "RHBZ#1701972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11358" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358" }, { "category": "external", "summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", "url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/" }, { "category": "external", "summary": "https://www.drupal.org/sa-core-2019-006", "url": "https://www.drupal.org/sa-core-2019-006" } ], "release_date": "2019-03-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection" }, { "cve": "CVE-2020-11022", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-04-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1828406" } ], "notes": [ { "category": "description", "text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method", "title": "Vulnerability summary" }, { "category": "other", "text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11022" }, { "category": "external", "summary": "RHBZ#1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11022" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2", "url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2" } ], "release_date": "2020-04-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method" }, { "cve": "CVE-2020-11023", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1850004" } ], "notes": [ { "category": "description", "text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11023" }, { "category": "external", "summary": "RHBZ#1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023" }, { "category": "external", "summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/" } ], "release_date": "2020-04-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods" }, { "cve": "CVE-2021-35065", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-12-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2156324" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "glob-parent: Regular Expression Denial of Service", "title": "Vulnerability summary" }, { "category": "other", "text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-35065" }, { "category": "external", "summary": "RHBZ#2156324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065", "url": "https://www.cve.org/CVERecord?id=CVE-2021-35065" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065" }, { "category": "external", "summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294", "url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294" } ], "release_date": "2022-12-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "glob-parent: Regular Expression Denial of Service" }, { "cve": "CVE-2021-44906", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-03-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2066009" } ], "notes": [ { "category": "description", "text": "An Uncontrolled Resource Consumption flaw was found in minimist. This flaw allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "minimist: prototype pollution", "title": "Vulnerability summary" }, { "category": "other", "text": "The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. While this flaw (CVE-2021-44906) enables attackers to control objects that they should not have access to, actual exploitation would still require a chain of independent flaws. Even though the CVSS for CVE-2021-44906 is higher than CVE-2020-7598, they are both rated as having Moderate impact.\n\nWithin Red Hat Satellite 6 this flaw has been rated as having a security impact of Low. It is not currently planned to be addressed there, as the minimist library is only included in the -doc subpackage and is part of test fixtures that are not in the execution path used by the rabl gem.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44906" }, { "category": "external", "summary": "RHBZ#2066009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44906", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44906" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-xvch-5gv4-984h", "url": "https://github.com/advisories/GHSA-xvch-5gv4-984h" } ], "release_date": "2022-03-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "minimist: prototype pollution" }, { "acknowledgments": [ { "names": [ "Marcus Nilsson" ], "organization": "usd AG" } ], "cve": "CVE-2022-1274", "cwe": { "id": "CWE-80", "name": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)" }, "discovery_date": "2022-04-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2073157" } ], "notes": [ { "category": "description", "text": "A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: HTML injection in execute-actions-email Admin REST API", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-1274" }, { "category": "external", "summary": "RHBZ#2073157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1274", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1274" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274" }, { "category": "external", "summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725", "url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725" } ], "release_date": "2023-02-28T18:57:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "keycloak: HTML injection in execute-actions-email Admin REST API" }, { "acknowledgments": [ { "names": [ "Grzegorz Tworek" ], "organization": "SISOFT s.c." } ], "cve": "CVE-2022-1438", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2021-12-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2031904" } ], "notes": [ { "category": "description", "text": "A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: XSS on impersonation under specific circumstances", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-1438" }, { "category": "external", "summary": "RHBZ#2031904", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1438", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1438" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438" } ], "release_date": "2023-02-28T18:56:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "keycloak: XSS on impersonation under specific circumstances" }, { "cve": "CVE-2022-1471", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-12-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2150009" } ], "notes": [ { "category": "description", "text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).", "title": "Vulnerability description" }, { "category": "summary", "text": "SnakeYaml: Constructor Deserialization Remote Code Execution", "title": "Vulnerability summary" }, { "category": "other", "text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-1471" }, { "category": "external", "summary": "RHBZ#2150009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1471" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471" }, { "category": "external", "summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2", "url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2" } ], "release_date": "2022-10-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "SnakeYaml: Constructor Deserialization Remote Code Execution" }, { "cve": "CVE-2022-2764", "discovery_date": "2022-08-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2117506" } ], "notes": [ { "category": "description", "text": "A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LAST_CHUNK from the bytes, causing a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-2764" }, { "category": "external", "summary": "RHBZ#2117506", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-2764", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2764" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764" } ], "release_date": "2022-08-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations" }, { "acknowledgments": [ { "names": [ "Peter Flintholm" ], "organization": "Trifork" } ], "cve": "CVE-2022-3916", "cwe": { "id": "CWE-384", "name": "Session Fixation" }, "discovery_date": "2022-11-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2141404" } ], "notes": [ { "category": "description", "text": "A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: Session takeover with OIDC offline refreshtokens", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-3916" }, { "category": "external", "summary": "RHBZ#2141404", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3916", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3916" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916" } ], "release_date": "2022-11-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "keycloak: Session takeover with OIDC offline refreshtokens" }, { "cve": "CVE-2022-4137", "cwe": { "id": "CWE-81", "name": "Improper Neutralization of Script in an Error Message Web Page" }, "discovery_date": "2022-11-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2148496" } ], "notes": [ { "category": "description", "text": "A reflected cross-site scripting (XSS) vulnerability was found in the \u0027oob\u0027 OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be vulnerable. This may compromise user details, allowing it to be changed or collected by an attacker.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: reflected XSS attack", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-4137" }, { "category": "external", "summary": "RHBZ#2148496", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-4137", "url": "https://www.cve.org/CVERecord?id=CVE-2022-4137" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137" } ], "release_date": "2023-03-01T13:56:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "keycloak: reflected XSS attack" }, { "cve": "CVE-2022-24785", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2022-04-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2072009" } ], "notes": [ { "category": "description", "text": "A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "Moment.js: Path traversal in moment.locale", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-24785" }, { "category": "external", "summary": "RHBZ#2072009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24785", "url": "https://www.cve.org/CVERecord?id=CVE-2022-24785" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785" }, { "category": "external", "summary": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4", "url": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4" } ], "release_date": "2022-04-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" }, { "category": "workaround", "details": "Sanitize the user-provided locale name before passing it to Moment.js.", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Moment.js: Path traversal in moment.locale" }, { "cve": "CVE-2022-25857", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-09-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2126789" } ], "notes": [ { "category": "description", "text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.", "title": "Vulnerability description" }, { "category": "summary", "text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections", "title": "Vulnerability summary" }, { "category": "other", "text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-25857" }, { "category": "external", "summary": "RHBZ#2126789", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857", "url": "https://www.cve.org/CVERecord?id=CVE-2022-25857" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857" }, { "category": "external", "summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525", "url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525" } ], "release_date": "2022-08-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections" }, { "cve": "CVE-2022-31129", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-07-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2105075" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "moment: inefficient parsing algorithm resulting in DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Fuse provides the affected software but does not use the functionality and as such its impact has been downgraded to Low.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships a vulnerable version of the moment library. However, this affected functionality is restricted behind OAuth, reducing the impact to Moderate.\n\nRed Hat Satellite ships a vulnerable version of the moment library. However, this only affects a specific component (qpid-dispatch), reducing the impact to Moderate.\n\nRed Hat Ceph Storage (RHCS) ships a vulnerable version of the moment library, however, it is not directly used and is a transitive dependency from Angular. In addition, the impact would only be to the grafana browser, and not the underlying RHCS system, which reduces the impact to Moderate. \n\nRed Hat OpenShift Service Mesh (OSSM) ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nRed Hat OpenShift distributed tracing ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nIn Logging Subsystem for Red Hat OpenShift the vulnerable moment nodejs package is bundled in the ose-logging-kibana6 container as a transitive dependency, hence the direct impact is reduced to Moderate.\n\nIn OpenShift Container Platform 4 the vulnerabile moment package is a third party dependency, hence the direct impact is reduced to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-31129" }, { "category": "external", "summary": "RHBZ#2105075", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-31129", "url": "https://www.cve.org/CVERecord?id=CVE-2022-31129" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129" }, { "category": "external", "summary": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g", "url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g" } ], "release_date": "2022-07-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "moment: inefficient parsing algorithm resulting in DoS" }, { "cve": "CVE-2022-37603", "cwe": { "id": "CWE-185", "name": "Incorrect Regular Expression" }, "discovery_date": "2022-11-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2140597" } ], "notes": [ { "category": "description", "text": "A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.", "title": "Vulnerability description" }, { "category": "summary", "text": "loader-utils: Regular expression denial of service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-37603" }, { "category": "external", "summary": "RHBZ#2140597", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-37603", "url": "https://www.cve.org/CVERecord?id=CVE-2022-37603" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603" } ], "release_date": "2022-10-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "loader-utils: Regular expression denial of service" }, { "cve": "CVE-2022-38749", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-09-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2129706" } ], "notes": [ { "category": "description", "text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-38749" }, { "category": "external", "summary": "RHBZ#2129706", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749", "url": "https://www.cve.org/CVERecord?id=CVE-2022-38749" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749" } ], "release_date": "2022-09-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode" }, { "cve": "CVE-2022-38750", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-09-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2129707" } ], "notes": [ { "category": "description", "text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-38750" }, { "category": "external", "summary": "RHBZ#2129707", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-38750", "url": "https://www.cve.org/CVERecord?id=CVE-2022-38750" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750" } ], "release_date": "2022-09-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject" }, { "cve": "CVE-2022-38751", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-09-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2129709" } ], "notes": [ { "category": "description", "text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-38751" }, { "category": "external", "summary": "RHBZ#2129709", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-38751", "url": "https://www.cve.org/CVERecord?id=CVE-2022-38751" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751" } ], "release_date": "2022-09-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match" }, { "cve": "CVE-2022-40149", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-10-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135771" } ], "notes": [ { "category": "description", "text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "jettison: parser crash by stackoverflow", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-40149" }, { "category": "external", "summary": "RHBZ#2135771", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149", "url": "https://www.cve.org/CVERecord?id=CVE-2022-40149" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149" }, { "category": "external", "summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1", "url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1" } ], "release_date": "2022-09-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jettison: parser crash by stackoverflow" }, { "cve": "CVE-2022-40150", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-10-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135770" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "jettison: memory exhaustion via user-supplied XML or JSON data", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-40150" }, { "category": "external", "summary": "RHBZ#2135770", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150", "url": "https://www.cve.org/CVERecord?id=CVE-2022-40150" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150" }, { "category": "external", "summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1", "url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1" } ], "release_date": "2022-09-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jettison: memory exhaustion via user-supplied XML or JSON data" }, { "cve": "CVE-2022-42003", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-10-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135244" } ], "notes": [ { "category": "description", "text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-42003" }, { "category": "external", "summary": "RHBZ#2135244", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42003" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003" } ], "release_date": "2022-10-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS" }, { "cve": "CVE-2022-42004", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-10-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135247" } ], "notes": [ { "category": "description", "text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: use of deeply nested arrays", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-42004" }, { "category": "external", "summary": "RHBZ#2135247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42004" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004" } ], "release_date": "2022-10-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: use of deeply nested arrays" }, { "cve": "CVE-2022-45047", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-11-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2145194" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.", "title": "Vulnerability description" }, { "category": "summary", "text": "mina-sshd: Java unsafe deserialization vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-45047" }, { "category": "external", "summary": "RHBZ#2145194", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047", "url": "https://www.cve.org/CVERecord?id=CVE-2022-45047" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047" }, { "category": "external", "summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html", "url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html" } ], "release_date": "2022-11-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" }, { "category": "workaround", "details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "mina-sshd: Java unsafe deserialization vulnerability" }, { "cve": "CVE-2022-45693", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-12-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2155970" } ], "notes": [ { "category": "description", "text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-45693" }, { "category": "external", "summary": "RHBZ#2155970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693", "url": "https://www.cve.org/CVERecord?id=CVE-2022-45693" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693" } ], "release_date": "2022-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos" }, { "cve": "CVE-2022-46175", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-12-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2156263" } ], "notes": [ { "category": "description", "text": "A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.", "title": "Vulnerability description" }, { "category": "summary", "text": "json5: Prototype Pollution in JSON5 via Parse Method", "title": "Vulnerability summary" }, { "category": "other", "text": "The json5 package is a build-time dependency in Red Hat products and is not used in production runtime. Hence, the impact is set to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-46175" }, { "category": "external", "summary": "RHBZ#2156263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-46175", "url": "https://www.cve.org/CVERecord?id=CVE-2022-46175" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175" }, { "category": "external", "summary": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h", "url": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h" } ], "release_date": "2022-12-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "json5: Prototype Pollution in JSON5 via Parse Method" }, { "cve": "CVE-2022-46363", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2022-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2155681" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.", "title": "Vulnerability description" }, { "category": "summary", "text": "CXF: directory listing / code exfiltration", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-46363" }, { "category": "external", "summary": "RHBZ#2155681", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-46363", "url": "https://www.cve.org/CVERecord?id=CVE-2022-46363" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363" }, { "category": "external", "summary": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c", "url": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c" } ], "release_date": "2022-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "CXF: directory listing / code exfiltration" }, { "cve": "CVE-2022-46364", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "discovery_date": "2022-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2155682" } ], "notes": [ { "category": "description", "text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.", "title": "Vulnerability description" }, { "category": "summary", "text": "CXF: SSRF Vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-46364" }, { "category": "external", "summary": "RHBZ#2155682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364", "url": "https://www.cve.org/CVERecord?id=CVE-2022-46364" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364" }, { "category": "external", "summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2", "url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2" } ], "release_date": "2022-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "CXF: SSRF Vulnerability" }, { "acknowledgments": [ { "names": [ "Sourav Kumar" ], "organization": "https://github.com/souravs17031999", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-0091", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2022-10-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2158585" } ], "notes": [ { "category": "description", "text": "A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: Client Registration endpoint does not check token revocation", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0091" }, { "category": "external", "summary": "RHBZ#2158585", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0091", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0091" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091" }, { "category": "external", "summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg", "url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg" }, { "category": "external", "summary": "https://github.com/keycloak/security/issues/27", "url": "https://github.com/keycloak/security/issues/27" } ], "release_date": "2022-10-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.8, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "keycloak: Client Registration endpoint does not check token revocation" }, { "acknowledgments": [ { "names": [ "Jordi Zayuelas i Mu\u00f1oz" ], "organization": "A1 Digital", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-0264", "cwe": { "id": "CWE-303", "name": "Incorrect Implementation of Authentication Algorithm" }, "discovery_date": "2023-01-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2160585" } ], "notes": [ { "category": "description", "text": "A flaw was found in Keycloak\u0027s OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, Integrity, and availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: user impersonation via stolen uuid code", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0264" }, { "category": "external", "summary": "RHBZ#2160585", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0264", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0264" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264" } ], "release_date": "2023-02-28T18:58:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-01T21:45:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src", "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "keycloak: user impersonation via stolen uuid code" } ] }
rhsa-2021_0860
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for ipa is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.\n\nSecurity Fix(es):\n\n* jquery: Passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* cannot issue certs with multiple IP addresses corresponding to different hosts (BZ#1846349)\n\n* CA-less install does not set required permissions on KDC certificate (BZ#1863619)\n\n* IdM Web UI shows users as disabled (BZ#1884819)\n\n* Authentication and login times are over several seconds due to unindexed ipaExternalMember (BZ#1892793)\n\n* improve IPA PKI susbsystem detection by other means than a directory presence, use pki-server subsystem-find (BZ#1895197)\n\n* IPA WebUI inaccessible after upgrading to RHEL 8.3 - idoverride-memberof.js missing (BZ#1897253)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:0860", "url": "https://access.redhat.com/errata/RHSA-2021:0860" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1846349", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1846349" }, { "category": "external", "summary": "1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "1863619", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1863619" }, { "category": "external", "summary": "1884819", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1884819" }, { "category": "external", "summary": "1892793", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1892793" }, { "category": "external", "summary": "1895197", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1895197" }, { "category": "external", "summary": "1897253", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1897253" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0860.json" } ], "title": "Red Hat Security Advisory: ipa security and bug fix update", "tracking": { "current_release_date": "2024-11-15T08:42:19+00:00", "generator": { "date": "2024-11-15T08:42:19+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:0860", "initial_release_date": "2021-03-16T13:57:49+00:00", "revision_history": [ { "date": "2021-03-16T13:57:49+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-03-16T13:57:49+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T08:42:19+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Client (v. 7)", "product": { "name": "Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Client Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::computenode" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server (v. 7)", "product": { "name": "Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation (v. 7)", "product": { "name": "Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "ipa-0:4.6.8-5.el7_9.4.src", "product": { "name": "ipa-0:4.6.8-5.el7_9.4.src", "product_id": "ipa-0:4.6.8-5.el7_9.4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa@4.6.8-5.el7_9.4?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "ipa-client-0:4.6.8-5.el7_9.4.x86_64", "product": { "name": "ipa-client-0:4.6.8-5.el7_9.4.x86_64", "product_id": "ipa-client-0:4.6.8-5.el7_9.4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client@4.6.8-5.el7_9.4?arch=x86_64" } } }, { "category": "product_version", "name": "ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64", "product": { "name": "ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64", "product_id": "ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-debuginfo@4.6.8-5.el7_9.4?arch=x86_64" } } }, { "category": "product_version", "name": "ipa-server-0:4.6.8-5.el7_9.4.x86_64", "product": { "name": "ipa-server-0:4.6.8-5.el7_9.4.x86_64", "product_id": "ipa-server-0:4.6.8-5.el7_9.4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-server@4.6.8-5.el7_9.4?arch=x86_64" } } }, { "category": "product_version", "name": "ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64", "product": { "name": "ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64", "product_id": "ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-server-trust-ad@4.6.8-5.el7_9.4?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "ipa-client-common-0:4.6.8-5.el7_9.4.noarch", "product": { "name": "ipa-client-common-0:4.6.8-5.el7_9.4.noarch", "product_id": "ipa-client-common-0:4.6.8-5.el7_9.4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client-common@4.6.8-5.el7_9.4?arch=noarch" } } }, { "category": "product_version", "name": "ipa-common-0:4.6.8-5.el7_9.4.noarch", "product": { "name": "ipa-common-0:4.6.8-5.el7_9.4.noarch", "product_id": "ipa-common-0:4.6.8-5.el7_9.4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-common@4.6.8-5.el7_9.4?arch=noarch" } } }, { "category": "product_version", "name": "ipa-python-compat-0:4.6.8-5.el7_9.4.noarch", "product": { "name": "ipa-python-compat-0:4.6.8-5.el7_9.4.noarch", "product_id": "ipa-python-compat-0:4.6.8-5.el7_9.4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-python-compat@4.6.8-5.el7_9.4?arch=noarch" } } }, { "category": "product_version", "name": "python2-ipaclient-0:4.6.8-5.el7_9.4.noarch", "product": { "name": "python2-ipaclient-0:4.6.8-5.el7_9.4.noarch", "product_id": "python2-ipaclient-0:4.6.8-5.el7_9.4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python2-ipaclient@4.6.8-5.el7_9.4?arch=noarch" } } }, { "category": "product_version", "name": "python2-ipalib-0:4.6.8-5.el7_9.4.noarch", "product": { "name": "python2-ipalib-0:4.6.8-5.el7_9.4.noarch", "product_id": "python2-ipalib-0:4.6.8-5.el7_9.4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python2-ipalib@4.6.8-5.el7_9.4?arch=noarch" } } }, { "category": "product_version", "name": "ipa-server-common-0:4.6.8-5.el7_9.4.noarch", "product": { "name": "ipa-server-common-0:4.6.8-5.el7_9.4.noarch", "product_id": "ipa-server-common-0:4.6.8-5.el7_9.4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-server-common@4.6.8-5.el7_9.4?arch=noarch" } } }, { "category": "product_version", "name": "ipa-server-dns-0:4.6.8-5.el7_9.4.noarch", "product": { "name": "ipa-server-dns-0:4.6.8-5.el7_9.4.noarch", "product_id": "ipa-server-dns-0:4.6.8-5.el7_9.4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-server-dns@4.6.8-5.el7_9.4?arch=noarch" } } }, { "category": "product_version", "name": "python2-ipaserver-0:4.6.8-5.el7_9.4.noarch", "product": { "name": "python2-ipaserver-0:4.6.8-5.el7_9.4.noarch", "product_id": "python2-ipaserver-0:4.6.8-5.el7_9.4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python2-ipaserver@4.6.8-5.el7_9.4?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "ipa-client-0:4.6.8-5.el7_9.4.ppc64le", "product": { "name": "ipa-client-0:4.6.8-5.el7_9.4.ppc64le", "product_id": "ipa-client-0:4.6.8-5.el7_9.4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client@4.6.8-5.el7_9.4?arch=ppc64le" } } }, { "category": "product_version", "name": "ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le", "product": { "name": "ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le", "product_id": "ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-debuginfo@4.6.8-5.el7_9.4?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "ipa-client-0:4.6.8-5.el7_9.4.ppc64", "product": { "name": "ipa-client-0:4.6.8-5.el7_9.4.ppc64", "product_id": "ipa-client-0:4.6.8-5.el7_9.4.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client@4.6.8-5.el7_9.4?arch=ppc64" } } }, { "category": "product_version", "name": "ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64", "product": { "name": "ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64", "product_id": "ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-debuginfo@4.6.8-5.el7_9.4?arch=ppc64" } } } ], "category": "architecture", "name": "ppc64" }, { "branches": [ { "category": "product_version", "name": "ipa-client-0:4.6.8-5.el7_9.4.s390x", "product": { "name": "ipa-client-0:4.6.8-5.el7_9.4.s390x", "product_id": "ipa-client-0:4.6.8-5.el7_9.4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-client@4.6.8-5.el7_9.4?arch=s390x" } } }, { "category": "product_version", "name": "ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x", "product": { "name": "ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x", "product_id": "ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/ipa-debuginfo@4.6.8-5.el7_9.4?arch=s390x" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "ipa-0:4.6.8-5.el7_9.4.src as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:ipa-0:4.6.8-5.el7_9.4.src" }, "product_reference": "ipa-0:4.6.8-5.el7_9.4.src", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.6.8-5.el7_9.4.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64" }, "product_reference": "ipa-client-0:4.6.8-5.el7_9.4.ppc64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.6.8-5.el7_9.4.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64le" }, "product_reference": "ipa-client-0:4.6.8-5.el7_9.4.ppc64le", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.6.8-5.el7_9.4.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.s390x" }, "product_reference": "ipa-client-0:4.6.8-5.el7_9.4.s390x", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.6.8-5.el7_9.4.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.x86_64" }, "product_reference": "ipa-client-0:4.6.8-5.el7_9.4.x86_64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-common-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:ipa-client-common-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "ipa-client-common-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-common-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:ipa-common-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "ipa-common-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64" }, "product_reference": "ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le" }, "product_reference": "ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x" }, "product_reference": "ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64" }, "product_reference": "ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-python-compat-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:ipa-python-compat-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "ipa-python-compat-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-0:4.6.8-5.el7_9.4.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:ipa-server-0:4.6.8-5.el7_9.4.x86_64" }, "product_reference": "ipa-server-0:4.6.8-5.el7_9.4.x86_64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-common-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:ipa-server-common-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "ipa-server-common-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-dns-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:ipa-server-dns-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "ipa-server-dns-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64" }, "product_reference": "ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python2-ipaclient-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:python2-ipaclient-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "python2-ipaclient-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python2-ipalib-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:python2-ipalib-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "python2-ipalib-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python2-ipaserver-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:python2-ipaserver-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "python2-ipaserver-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-0:4.6.8-5.el7_9.4.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:ipa-0:4.6.8-5.el7_9.4.src" }, "product_reference": "ipa-0:4.6.8-5.el7_9.4.src", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.6.8-5.el7_9.4.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64" }, "product_reference": "ipa-client-0:4.6.8-5.el7_9.4.ppc64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.6.8-5.el7_9.4.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64le" }, "product_reference": "ipa-client-0:4.6.8-5.el7_9.4.ppc64le", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.6.8-5.el7_9.4.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.s390x" }, "product_reference": "ipa-client-0:4.6.8-5.el7_9.4.s390x", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.6.8-5.el7_9.4.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.x86_64" }, "product_reference": "ipa-client-0:4.6.8-5.el7_9.4.x86_64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-common-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:ipa-client-common-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "ipa-client-common-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-common-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:ipa-common-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "ipa-common-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64" }, "product_reference": "ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le" }, "product_reference": "ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x" }, "product_reference": "ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64" }, "product_reference": "ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-python-compat-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:ipa-python-compat-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "ipa-python-compat-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-0:4.6.8-5.el7_9.4.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:ipa-server-0:4.6.8-5.el7_9.4.x86_64" }, "product_reference": "ipa-server-0:4.6.8-5.el7_9.4.x86_64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-common-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:ipa-server-common-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "ipa-server-common-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-dns-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:ipa-server-dns-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "ipa-server-dns-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64" }, "product_reference": "ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python2-ipaclient-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:python2-ipaclient-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "python2-ipaclient-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python2-ipalib-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:python2-ipalib-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "python2-ipalib-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python2-ipaserver-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:python2-ipaserver-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "python2-ipaserver-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-0:4.6.8-5.el7_9.4.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:ipa-0:4.6.8-5.el7_9.4.src" }, "product_reference": "ipa-0:4.6.8-5.el7_9.4.src", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.6.8-5.el7_9.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64" }, "product_reference": "ipa-client-0:4.6.8-5.el7_9.4.ppc64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.6.8-5.el7_9.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64le" }, "product_reference": "ipa-client-0:4.6.8-5.el7_9.4.ppc64le", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.6.8-5.el7_9.4.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.s390x" }, "product_reference": "ipa-client-0:4.6.8-5.el7_9.4.s390x", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.6.8-5.el7_9.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.x86_64" }, "product_reference": "ipa-client-0:4.6.8-5.el7_9.4.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-common-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:ipa-client-common-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "ipa-client-common-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-common-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:ipa-common-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "ipa-common-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64" }, "product_reference": "ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le" }, "product_reference": "ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x" }, "product_reference": "ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64" }, "product_reference": "ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-python-compat-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:ipa-python-compat-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "ipa-python-compat-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-0:4.6.8-5.el7_9.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:ipa-server-0:4.6.8-5.el7_9.4.x86_64" }, "product_reference": "ipa-server-0:4.6.8-5.el7_9.4.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-common-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:ipa-server-common-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "ipa-server-common-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-dns-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:ipa-server-dns-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "ipa-server-dns-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64" }, "product_reference": "ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python2-ipaclient-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:python2-ipaclient-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "python2-ipaclient-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python2-ipalib-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:python2-ipalib-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "python2-ipalib-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python2-ipaserver-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:python2-ipaserver-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "python2-ipaserver-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-0:4.6.8-5.el7_9.4.src as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:ipa-0:4.6.8-5.el7_9.4.src" }, "product_reference": "ipa-0:4.6.8-5.el7_9.4.src", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.6.8-5.el7_9.4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64" }, "product_reference": "ipa-client-0:4.6.8-5.el7_9.4.ppc64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.6.8-5.el7_9.4.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64le" }, "product_reference": "ipa-client-0:4.6.8-5.el7_9.4.ppc64le", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.6.8-5.el7_9.4.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.s390x" }, "product_reference": "ipa-client-0:4.6.8-5.el7_9.4.s390x", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.6.8-5.el7_9.4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.x86_64" }, "product_reference": "ipa-client-0:4.6.8-5.el7_9.4.x86_64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-common-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:ipa-client-common-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "ipa-client-common-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-common-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:ipa-common-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "ipa-common-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64" }, "product_reference": "ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le" }, "product_reference": "ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x" }, "product_reference": "ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64" }, "product_reference": "ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-python-compat-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:ipa-python-compat-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "ipa-python-compat-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-0:4.6.8-5.el7_9.4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:ipa-server-0:4.6.8-5.el7_9.4.x86_64" }, "product_reference": "ipa-server-0:4.6.8-5.el7_9.4.x86_64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-common-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:ipa-server-common-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "ipa-server-common-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-dns-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:ipa-server-dns-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "ipa-server-dns-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64" }, "product_reference": "ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python2-ipaclient-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:python2-ipaclient-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "python2-ipaclient-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python2-ipalib-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:python2-ipalib-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "python2-ipalib-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python2-ipaserver-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:python2-ipaserver-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "python2-ipaserver-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-0:4.6.8-5.el7_9.4.src as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:ipa-0:4.6.8-5.el7_9.4.src" }, "product_reference": "ipa-0:4.6.8-5.el7_9.4.src", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.6.8-5.el7_9.4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64" }, "product_reference": "ipa-client-0:4.6.8-5.el7_9.4.ppc64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.6.8-5.el7_9.4.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64le" }, "product_reference": "ipa-client-0:4.6.8-5.el7_9.4.ppc64le", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.6.8-5.el7_9.4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.s390x" }, "product_reference": "ipa-client-0:4.6.8-5.el7_9.4.s390x", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-0:4.6.8-5.el7_9.4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.x86_64" }, "product_reference": "ipa-client-0:4.6.8-5.el7_9.4.x86_64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-client-common-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:ipa-client-common-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "ipa-client-common-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-common-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:ipa-common-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "ipa-common-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64" }, "product_reference": "ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le" }, "product_reference": "ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x" }, "product_reference": "ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64" }, "product_reference": "ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-python-compat-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:ipa-python-compat-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "ipa-python-compat-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-0:4.6.8-5.el7_9.4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:ipa-server-0:4.6.8-5.el7_9.4.x86_64" }, "product_reference": "ipa-server-0:4.6.8-5.el7_9.4.x86_64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-common-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:ipa-server-common-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "ipa-server-common-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-dns-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:ipa-server-dns-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "ipa-server-dns-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64" }, "product_reference": "ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python2-ipaclient-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:python2-ipaclient-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "python2-ipaclient-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python2-ipalib-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:python2-ipalib-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "python2-ipalib-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python2-ipaserver-0:4.6.8-5.el7_9.4.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:python2-ipaserver-0:4.6.8-5.el7_9.4.noarch" }, "product_reference": "python2-ipaserver-0:4.6.8-5.el7_9.4.noarch", "relates_to_product_reference": "7Workstation-7.9.Z" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-11023", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1850004" } ], "notes": [ { "category": "description", "text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.9.Z:ipa-0:4.6.8-5.el7_9.4.src", "7Client-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64", "7Client-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64le", "7Client-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.s390x", "7Client-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.x86_64", "7Client-7.9.Z:ipa-client-common-0:4.6.8-5.el7_9.4.noarch", "7Client-7.9.Z:ipa-common-0:4.6.8-5.el7_9.4.noarch", "7Client-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64", "7Client-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le", "7Client-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x", "7Client-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64", "7Client-7.9.Z:ipa-python-compat-0:4.6.8-5.el7_9.4.noarch", "7Client-7.9.Z:ipa-server-0:4.6.8-5.el7_9.4.x86_64", "7Client-7.9.Z:ipa-server-common-0:4.6.8-5.el7_9.4.noarch", "7Client-7.9.Z:ipa-server-dns-0:4.6.8-5.el7_9.4.noarch", "7Client-7.9.Z:ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64", "7Client-7.9.Z:python2-ipaclient-0:4.6.8-5.el7_9.4.noarch", "7Client-7.9.Z:python2-ipalib-0:4.6.8-5.el7_9.4.noarch", "7Client-7.9.Z:python2-ipaserver-0:4.6.8-5.el7_9.4.noarch", "7Client-optional-7.9.Z:ipa-0:4.6.8-5.el7_9.4.src", "7Client-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64", "7Client-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64le", "7Client-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.s390x", "7Client-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.x86_64", "7Client-optional-7.9.Z:ipa-client-common-0:4.6.8-5.el7_9.4.noarch", "7Client-optional-7.9.Z:ipa-common-0:4.6.8-5.el7_9.4.noarch", "7Client-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64", "7Client-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le", "7Client-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x", "7Client-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64", "7Client-optional-7.9.Z:ipa-python-compat-0:4.6.8-5.el7_9.4.noarch", "7Client-optional-7.9.Z:ipa-server-0:4.6.8-5.el7_9.4.x86_64", "7Client-optional-7.9.Z:ipa-server-common-0:4.6.8-5.el7_9.4.noarch", "7Client-optional-7.9.Z:ipa-server-dns-0:4.6.8-5.el7_9.4.noarch", "7Client-optional-7.9.Z:ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64", "7Client-optional-7.9.Z:python2-ipaclient-0:4.6.8-5.el7_9.4.noarch", "7Client-optional-7.9.Z:python2-ipalib-0:4.6.8-5.el7_9.4.noarch", "7Client-optional-7.9.Z:python2-ipaserver-0:4.6.8-5.el7_9.4.noarch", "7ComputeNode-optional-7.9.Z:ipa-0:4.6.8-5.el7_9.4.src", "7ComputeNode-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64", "7ComputeNode-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64le", "7ComputeNode-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.s390x", "7ComputeNode-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.x86_64", "7ComputeNode-optional-7.9.Z:ipa-client-common-0:4.6.8-5.el7_9.4.noarch", "7ComputeNode-optional-7.9.Z:ipa-common-0:4.6.8-5.el7_9.4.noarch", "7ComputeNode-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64", "7ComputeNode-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le", "7ComputeNode-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x", "7ComputeNode-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64", "7ComputeNode-optional-7.9.Z:ipa-python-compat-0:4.6.8-5.el7_9.4.noarch", "7ComputeNode-optional-7.9.Z:ipa-server-0:4.6.8-5.el7_9.4.x86_64", "7ComputeNode-optional-7.9.Z:ipa-server-common-0:4.6.8-5.el7_9.4.noarch", "7ComputeNode-optional-7.9.Z:ipa-server-dns-0:4.6.8-5.el7_9.4.noarch", "7ComputeNode-optional-7.9.Z:ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64", "7ComputeNode-optional-7.9.Z:python2-ipaclient-0:4.6.8-5.el7_9.4.noarch", "7ComputeNode-optional-7.9.Z:python2-ipalib-0:4.6.8-5.el7_9.4.noarch", "7ComputeNode-optional-7.9.Z:python2-ipaserver-0:4.6.8-5.el7_9.4.noarch", "7Server-7.9.Z:ipa-0:4.6.8-5.el7_9.4.src", "7Server-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64", "7Server-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64le", "7Server-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.s390x", "7Server-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.x86_64", "7Server-7.9.Z:ipa-client-common-0:4.6.8-5.el7_9.4.noarch", "7Server-7.9.Z:ipa-common-0:4.6.8-5.el7_9.4.noarch", "7Server-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64", "7Server-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le", "7Server-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x", "7Server-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64", "7Server-7.9.Z:ipa-python-compat-0:4.6.8-5.el7_9.4.noarch", "7Server-7.9.Z:ipa-server-0:4.6.8-5.el7_9.4.x86_64", "7Server-7.9.Z:ipa-server-common-0:4.6.8-5.el7_9.4.noarch", "7Server-7.9.Z:ipa-server-dns-0:4.6.8-5.el7_9.4.noarch", "7Server-7.9.Z:ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64", "7Server-7.9.Z:python2-ipaclient-0:4.6.8-5.el7_9.4.noarch", "7Server-7.9.Z:python2-ipalib-0:4.6.8-5.el7_9.4.noarch", "7Server-7.9.Z:python2-ipaserver-0:4.6.8-5.el7_9.4.noarch", "7Workstation-7.9.Z:ipa-0:4.6.8-5.el7_9.4.src", "7Workstation-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64", "7Workstation-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64le", "7Workstation-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.s390x", "7Workstation-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.x86_64", "7Workstation-7.9.Z:ipa-client-common-0:4.6.8-5.el7_9.4.noarch", "7Workstation-7.9.Z:ipa-common-0:4.6.8-5.el7_9.4.noarch", "7Workstation-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64", "7Workstation-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le", "7Workstation-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x", "7Workstation-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64", "7Workstation-7.9.Z:ipa-python-compat-0:4.6.8-5.el7_9.4.noarch", "7Workstation-7.9.Z:ipa-server-0:4.6.8-5.el7_9.4.x86_64", "7Workstation-7.9.Z:ipa-server-common-0:4.6.8-5.el7_9.4.noarch", "7Workstation-7.9.Z:ipa-server-dns-0:4.6.8-5.el7_9.4.noarch", "7Workstation-7.9.Z:ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64", "7Workstation-7.9.Z:python2-ipaclient-0:4.6.8-5.el7_9.4.noarch", "7Workstation-7.9.Z:python2-ipalib-0:4.6.8-5.el7_9.4.noarch", "7Workstation-7.9.Z:python2-ipaserver-0:4.6.8-5.el7_9.4.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11023" }, { "category": "external", "summary": "RHBZ#1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023" }, { "category": "external", "summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/" } ], "release_date": "2020-04-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-03-16T13:57:49+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.9.Z:ipa-0:4.6.8-5.el7_9.4.src", "7Client-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64", "7Client-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64le", "7Client-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.s390x", "7Client-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.x86_64", "7Client-7.9.Z:ipa-client-common-0:4.6.8-5.el7_9.4.noarch", "7Client-7.9.Z:ipa-common-0:4.6.8-5.el7_9.4.noarch", "7Client-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64", "7Client-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le", "7Client-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x", "7Client-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64", "7Client-7.9.Z:ipa-python-compat-0:4.6.8-5.el7_9.4.noarch", "7Client-7.9.Z:ipa-server-0:4.6.8-5.el7_9.4.x86_64", "7Client-7.9.Z:ipa-server-common-0:4.6.8-5.el7_9.4.noarch", "7Client-7.9.Z:ipa-server-dns-0:4.6.8-5.el7_9.4.noarch", "7Client-7.9.Z:ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64", "7Client-7.9.Z:python2-ipaclient-0:4.6.8-5.el7_9.4.noarch", "7Client-7.9.Z:python2-ipalib-0:4.6.8-5.el7_9.4.noarch", "7Client-7.9.Z:python2-ipaserver-0:4.6.8-5.el7_9.4.noarch", "7Client-optional-7.9.Z:ipa-0:4.6.8-5.el7_9.4.src", "7Client-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64", "7Client-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64le", "7Client-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.s390x", "7Client-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.x86_64", "7Client-optional-7.9.Z:ipa-client-common-0:4.6.8-5.el7_9.4.noarch", "7Client-optional-7.9.Z:ipa-common-0:4.6.8-5.el7_9.4.noarch", "7Client-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64", "7Client-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le", "7Client-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x", "7Client-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64", "7Client-optional-7.9.Z:ipa-python-compat-0:4.6.8-5.el7_9.4.noarch", "7Client-optional-7.9.Z:ipa-server-0:4.6.8-5.el7_9.4.x86_64", "7Client-optional-7.9.Z:ipa-server-common-0:4.6.8-5.el7_9.4.noarch", "7Client-optional-7.9.Z:ipa-server-dns-0:4.6.8-5.el7_9.4.noarch", "7Client-optional-7.9.Z:ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64", "7Client-optional-7.9.Z:python2-ipaclient-0:4.6.8-5.el7_9.4.noarch", "7Client-optional-7.9.Z:python2-ipalib-0:4.6.8-5.el7_9.4.noarch", "7Client-optional-7.9.Z:python2-ipaserver-0:4.6.8-5.el7_9.4.noarch", "7ComputeNode-optional-7.9.Z:ipa-0:4.6.8-5.el7_9.4.src", "7ComputeNode-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64", "7ComputeNode-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64le", "7ComputeNode-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.s390x", "7ComputeNode-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.x86_64", "7ComputeNode-optional-7.9.Z:ipa-client-common-0:4.6.8-5.el7_9.4.noarch", "7ComputeNode-optional-7.9.Z:ipa-common-0:4.6.8-5.el7_9.4.noarch", "7ComputeNode-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64", "7ComputeNode-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le", "7ComputeNode-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x", "7ComputeNode-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64", "7ComputeNode-optional-7.9.Z:ipa-python-compat-0:4.6.8-5.el7_9.4.noarch", "7ComputeNode-optional-7.9.Z:ipa-server-0:4.6.8-5.el7_9.4.x86_64", "7ComputeNode-optional-7.9.Z:ipa-server-common-0:4.6.8-5.el7_9.4.noarch", "7ComputeNode-optional-7.9.Z:ipa-server-dns-0:4.6.8-5.el7_9.4.noarch", "7ComputeNode-optional-7.9.Z:ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64", "7ComputeNode-optional-7.9.Z:python2-ipaclient-0:4.6.8-5.el7_9.4.noarch", "7ComputeNode-optional-7.9.Z:python2-ipalib-0:4.6.8-5.el7_9.4.noarch", "7ComputeNode-optional-7.9.Z:python2-ipaserver-0:4.6.8-5.el7_9.4.noarch", "7Server-7.9.Z:ipa-0:4.6.8-5.el7_9.4.src", "7Server-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64", "7Server-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64le", "7Server-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.s390x", "7Server-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.x86_64", "7Server-7.9.Z:ipa-client-common-0:4.6.8-5.el7_9.4.noarch", "7Server-7.9.Z:ipa-common-0:4.6.8-5.el7_9.4.noarch", "7Server-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64", "7Server-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le", "7Server-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x", "7Server-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64", "7Server-7.9.Z:ipa-python-compat-0:4.6.8-5.el7_9.4.noarch", "7Server-7.9.Z:ipa-server-0:4.6.8-5.el7_9.4.x86_64", "7Server-7.9.Z:ipa-server-common-0:4.6.8-5.el7_9.4.noarch", "7Server-7.9.Z:ipa-server-dns-0:4.6.8-5.el7_9.4.noarch", "7Server-7.9.Z:ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64", "7Server-7.9.Z:python2-ipaclient-0:4.6.8-5.el7_9.4.noarch", "7Server-7.9.Z:python2-ipalib-0:4.6.8-5.el7_9.4.noarch", "7Server-7.9.Z:python2-ipaserver-0:4.6.8-5.el7_9.4.noarch", "7Workstation-7.9.Z:ipa-0:4.6.8-5.el7_9.4.src", "7Workstation-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64", "7Workstation-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64le", "7Workstation-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.s390x", "7Workstation-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.x86_64", "7Workstation-7.9.Z:ipa-client-common-0:4.6.8-5.el7_9.4.noarch", "7Workstation-7.9.Z:ipa-common-0:4.6.8-5.el7_9.4.noarch", "7Workstation-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64", "7Workstation-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le", "7Workstation-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x", "7Workstation-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64", "7Workstation-7.9.Z:ipa-python-compat-0:4.6.8-5.el7_9.4.noarch", "7Workstation-7.9.Z:ipa-server-0:4.6.8-5.el7_9.4.x86_64", "7Workstation-7.9.Z:ipa-server-common-0:4.6.8-5.el7_9.4.noarch", "7Workstation-7.9.Z:ipa-server-dns-0:4.6.8-5.el7_9.4.noarch", "7Workstation-7.9.Z:ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64", "7Workstation-7.9.Z:python2-ipaclient-0:4.6.8-5.el7_9.4.noarch", "7Workstation-7.9.Z:python2-ipalib-0:4.6.8-5.el7_9.4.noarch", "7Workstation-7.9.Z:python2-ipaserver-0:4.6.8-5.el7_9.4.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0860" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "7Client-7.9.Z:ipa-0:4.6.8-5.el7_9.4.src", "7Client-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64", "7Client-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64le", "7Client-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.s390x", "7Client-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.x86_64", "7Client-7.9.Z:ipa-client-common-0:4.6.8-5.el7_9.4.noarch", "7Client-7.9.Z:ipa-common-0:4.6.8-5.el7_9.4.noarch", "7Client-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64", "7Client-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le", "7Client-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x", "7Client-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64", "7Client-7.9.Z:ipa-python-compat-0:4.6.8-5.el7_9.4.noarch", "7Client-7.9.Z:ipa-server-0:4.6.8-5.el7_9.4.x86_64", "7Client-7.9.Z:ipa-server-common-0:4.6.8-5.el7_9.4.noarch", "7Client-7.9.Z:ipa-server-dns-0:4.6.8-5.el7_9.4.noarch", "7Client-7.9.Z:ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64", "7Client-7.9.Z:python2-ipaclient-0:4.6.8-5.el7_9.4.noarch", "7Client-7.9.Z:python2-ipalib-0:4.6.8-5.el7_9.4.noarch", "7Client-7.9.Z:python2-ipaserver-0:4.6.8-5.el7_9.4.noarch", "7Client-optional-7.9.Z:ipa-0:4.6.8-5.el7_9.4.src", "7Client-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64", "7Client-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64le", "7Client-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.s390x", "7Client-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.x86_64", "7Client-optional-7.9.Z:ipa-client-common-0:4.6.8-5.el7_9.4.noarch", "7Client-optional-7.9.Z:ipa-common-0:4.6.8-5.el7_9.4.noarch", "7Client-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64", "7Client-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le", "7Client-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x", "7Client-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64", "7Client-optional-7.9.Z:ipa-python-compat-0:4.6.8-5.el7_9.4.noarch", "7Client-optional-7.9.Z:ipa-server-0:4.6.8-5.el7_9.4.x86_64", "7Client-optional-7.9.Z:ipa-server-common-0:4.6.8-5.el7_9.4.noarch", "7Client-optional-7.9.Z:ipa-server-dns-0:4.6.8-5.el7_9.4.noarch", "7Client-optional-7.9.Z:ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64", "7Client-optional-7.9.Z:python2-ipaclient-0:4.6.8-5.el7_9.4.noarch", "7Client-optional-7.9.Z:python2-ipalib-0:4.6.8-5.el7_9.4.noarch", "7Client-optional-7.9.Z:python2-ipaserver-0:4.6.8-5.el7_9.4.noarch", "7ComputeNode-optional-7.9.Z:ipa-0:4.6.8-5.el7_9.4.src", "7ComputeNode-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64", "7ComputeNode-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64le", "7ComputeNode-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.s390x", "7ComputeNode-optional-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.x86_64", "7ComputeNode-optional-7.9.Z:ipa-client-common-0:4.6.8-5.el7_9.4.noarch", "7ComputeNode-optional-7.9.Z:ipa-common-0:4.6.8-5.el7_9.4.noarch", "7ComputeNode-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64", "7ComputeNode-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le", "7ComputeNode-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x", "7ComputeNode-optional-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64", "7ComputeNode-optional-7.9.Z:ipa-python-compat-0:4.6.8-5.el7_9.4.noarch", "7ComputeNode-optional-7.9.Z:ipa-server-0:4.6.8-5.el7_9.4.x86_64", "7ComputeNode-optional-7.9.Z:ipa-server-common-0:4.6.8-5.el7_9.4.noarch", "7ComputeNode-optional-7.9.Z:ipa-server-dns-0:4.6.8-5.el7_9.4.noarch", "7ComputeNode-optional-7.9.Z:ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64", "7ComputeNode-optional-7.9.Z:python2-ipaclient-0:4.6.8-5.el7_9.4.noarch", "7ComputeNode-optional-7.9.Z:python2-ipalib-0:4.6.8-5.el7_9.4.noarch", "7ComputeNode-optional-7.9.Z:python2-ipaserver-0:4.6.8-5.el7_9.4.noarch", "7Server-7.9.Z:ipa-0:4.6.8-5.el7_9.4.src", "7Server-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64", "7Server-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64le", "7Server-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.s390x", "7Server-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.x86_64", "7Server-7.9.Z:ipa-client-common-0:4.6.8-5.el7_9.4.noarch", "7Server-7.9.Z:ipa-common-0:4.6.8-5.el7_9.4.noarch", "7Server-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64", "7Server-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le", "7Server-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x", "7Server-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64", "7Server-7.9.Z:ipa-python-compat-0:4.6.8-5.el7_9.4.noarch", "7Server-7.9.Z:ipa-server-0:4.6.8-5.el7_9.4.x86_64", "7Server-7.9.Z:ipa-server-common-0:4.6.8-5.el7_9.4.noarch", "7Server-7.9.Z:ipa-server-dns-0:4.6.8-5.el7_9.4.noarch", "7Server-7.9.Z:ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64", "7Server-7.9.Z:python2-ipaclient-0:4.6.8-5.el7_9.4.noarch", "7Server-7.9.Z:python2-ipalib-0:4.6.8-5.el7_9.4.noarch", "7Server-7.9.Z:python2-ipaserver-0:4.6.8-5.el7_9.4.noarch", "7Workstation-7.9.Z:ipa-0:4.6.8-5.el7_9.4.src", "7Workstation-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64", "7Workstation-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.ppc64le", "7Workstation-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.s390x", "7Workstation-7.9.Z:ipa-client-0:4.6.8-5.el7_9.4.x86_64", "7Workstation-7.9.Z:ipa-client-common-0:4.6.8-5.el7_9.4.noarch", "7Workstation-7.9.Z:ipa-common-0:4.6.8-5.el7_9.4.noarch", "7Workstation-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64", "7Workstation-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.ppc64le", "7Workstation-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.s390x", "7Workstation-7.9.Z:ipa-debuginfo-0:4.6.8-5.el7_9.4.x86_64", "7Workstation-7.9.Z:ipa-python-compat-0:4.6.8-5.el7_9.4.noarch", "7Workstation-7.9.Z:ipa-server-0:4.6.8-5.el7_9.4.x86_64", "7Workstation-7.9.Z:ipa-server-common-0:4.6.8-5.el7_9.4.noarch", "7Workstation-7.9.Z:ipa-server-dns-0:4.6.8-5.el7_9.4.noarch", "7Workstation-7.9.Z:ipa-server-trust-ad-0:4.6.8-5.el7_9.4.x86_64", "7Workstation-7.9.Z:python2-ipaclient-0:4.6.8-5.el7_9.4.noarch", "7Workstation-7.9.Z:python2-ipalib-0:4.6.8-5.el7_9.4.noarch", "7Workstation-7.9.Z:python2-ipaserver-0:4.6.8-5.el7_9.4.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods" } ] }
rhsa-2022_6393
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated ovirt-engine packages that fix several bugs and add various enhancements are now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.\n\nSecurity Fix(es):\n\n* nodejs-underscore: Arbitrary code execution via the template function (CVE-2021-23358)\n\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods (CVE-2020-11023)\n\n* ovirt-log-collector: RHVM admin password is logged unfiltered (CVE-2022-2806)\n\n* springframework: malicious input leads to insertion of additional log entries (CVE-2021-22096)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Previously, running engine-setup did not always renew OVN certificates close to expiration or expired. With this release, OVN certificates are always renewed by engine-setup when needed. (BZ#2097558)\n\n* Previously, the Manager issued warnings of approaching certificate expiration before engine-setup could update certificates. In this release expiration warnings and certificate update periods are aligned, and certificates are updated as soon as expiration warnings occur. (BZ#2097725)\n\n* With this release, OVA export or import work on hosts with a non-standard SSH port. (BZ#2104939)\n\n* With this release, the certificate validity test is compatible with RHEL 8 and RHEL 7 based hypervisors. (BZ#2107250)\n\n* RHV 4.4 SP1 and later are only supported on RHEL 8.6, customers cannot use RHEL 8.7 or later, and must stay with RHEL 8.6 EUS. (BZ#2108985)\n\n* Previously, importing templates from the Administration Portal did not work. With this release, importing templates from the Administration Portal is possible. (BZ#2109923)\n\n* ovirt-provider-ovn certificate expiration is checked along with other RHV certificates. If ovirt-provider-ovn is about to expire or already expired, a warning or alert is raised in the audit log. To renew the ovirt-provider-ovn certificate, administators must run engine-setup. If your ovirt-provider-ovn certificate expires on a previous RHV version, upgrade to RHV 4.4 SP1 batch 2 or later, and ovirt-provider-ovn certificate will be renewed automatically in the engine-setup. (BZ#2097560)\n\n* Previously, when importing a virtual machine with manual CPU pinning, the manual pinning string was cleared, but the CPU pinning policy was not set to NONE. As a result, importing failed. In this release, the CPU pinning policy is set to NONE if the CPU pinning string is cleared, and importing succeeds. (BZ#2104115)\n\n* Previously, the Manager could start a virtual machine with a Resize and Pin NUMA policy on a host without an equal number of physical sockets to NUMA nodes. As a result, wrong pinning was assigned to the policy. With this release, the Manager does not allow the virtual machine to be scheduled on such a virtual machine, and the pinning is correct based on the algorithm. (BZ#1955388)\n\n* Rebase package(s) to version: 4.4.7.\nHighlights, important fixes, or notable enhancements: fixed BZ#2081676 (BZ#2104831)\n\n* In this release, rhv-log-collector-analyzer provides detailed output for each problematic image, including disk names, associated virtual machine, the host running the virtual machine, snapshots, and current SPM. The detailed view is now the default. The compact option can be set by using the --compact switch in the command line. (BZ#2097536)\n\n* UnboundID LDAP SDK has been rebased on upstream version 6.0.4. See https://github.com/pingidentity/ldapsdk/releases for changes since version 4.0.14 (BZ#2092478)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2022:6393", "url": "https://access.redhat.com/errata/RHSA-2022:6393" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "1939284", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939284" }, { "category": "external", "summary": "1944286", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944286" }, { "category": "external", "summary": "1955388", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1955388" }, { "category": "external", "summary": "1974974", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974974" }, { "category": "external", "summary": "2034584", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034584" }, { "category": "external", "summary": "2080005", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2080005" }, { "category": "external", "summary": "2092478", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092478" }, { "category": "external", "summary": "2094577", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094577" }, { "category": "external", "summary": "2097536", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2097536" }, { "category": "external", "summary": "2097558", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2097558" }, { "category": "external", "summary": "2097560", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2097560" }, { "category": "external", "summary": "2097725", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2097725" }, { "category": "external", "summary": "2104115", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104115" }, { "category": "external", "summary": "2104831", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104831" }, { "category": "external", "summary": "2104939", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104939" }, { "category": "external", "summary": "2105075", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075" }, { "category": "external", "summary": "2107250", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107250" }, { "category": "external", "summary": "2107267", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107267" }, { "category": "external", "summary": "2108985", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108985" }, { "category": "external", "summary": "2109923", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2109923" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6393.json" } ], "title": "Red Hat Security Advisory: RHV Manager (ovirt-engine) [ovirt-4.5.2] bug fix and security update", "tracking": { "current_release_date": "2024-11-21T21:14:55+00:00", "generator": { "date": "2024-11-21T21:14:55+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2022:6393", "initial_release_date": "2022-09-08T11:31:04+00:00", "revision_history": [ { "date": "2022-09-08T11:31:04+00:00", "number": "1", "summary": "Initial version" }, { "date": "2022-09-08T11:31:04+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-21T21:14:55+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product": { "name": "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhev_manager:4.4:el8" } } } ], "category": "product_family", "name": "Red Hat Virtualization" }, { "branches": [ { "category": "product_version", "name": "unboundid-ldapsdk-0:6.0.4-1.el8ev.src", "product": { "name": "unboundid-ldapsdk-0:6.0.4-1.el8ev.src", "product_id": "unboundid-ldapsdk-0:6.0.4-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/unboundid-ldapsdk@6.0.4-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.src", "product": { "name": "ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.src", "product_id": "ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.3.5-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-web-ui-0:1.9.1-1.el8ev.src", "product": { "name": "ovirt-web-ui-0:1.9.1-1.el8ev.src", "product_id": "ovirt-web-ui-0:1.9.1-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-web-ui@1.9.1-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "rhv-log-collector-analyzer-0:1.0.15-1.el8ev.src", "product": { "name": "rhv-log-collector-analyzer-0:1.0.15-1.el8ev.src", "product_id": "rhv-log-collector-analyzer-0:1.0.15-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhv-log-collector-analyzer@1.0.15-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.src", "product": { "name": "ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.src", "product_id": "ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-extension-aaa-ldap@1.4.6-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-engine-dwh-0:4.5.4-1.el8ev.src", "product": { "name": "ovirt-engine-dwh-0:4.5.4-1.el8ev.src", "product_id": "ovirt-engine-dwh-0:4.5.4-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-dwh@4.5.4-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-log-collector-0:4.4.7-2.el8ev.src", "product": { "name": "ovirt-log-collector-0:4.4.7-2.el8ev.src", "product_id": "ovirt-log-collector-0:4.4.7-2.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-log-collector@4.4.7-2.el8ev?arch=src" } } }, { "category": "product_version", "name": "vdsm-jsonrpc-java-0:1.7.2-1.el8ev.src", "product": { "name": "vdsm-jsonrpc-java-0:1.7.2-1.el8ev.src", "product_id": "vdsm-jsonrpc-java-0:1.7.2-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/vdsm-jsonrpc-java@1.7.2-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-engine-0:4.5.2.4-0.1.el8ev.src", "product": { "name": "ovirt-engine-0:4.5.2.4-0.1.el8ev.src", "product_id": "ovirt-engine-0:4.5.2.4-0.1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine@4.5.2.4-0.1.el8ev?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "unboundid-ldapsdk-0:6.0.4-1.el8ev.noarch", "product": { "name": "unboundid-ldapsdk-0:6.0.4-1.el8ev.noarch", "product_id": "unboundid-ldapsdk-0:6.0.4-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/unboundid-ldapsdk@6.0.4-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "unboundid-ldapsdk-javadoc-0:6.0.4-1.el8ev.noarch", "product": { "name": "unboundid-ldapsdk-javadoc-0:6.0.4-1.el8ev.noarch", "product_id": "unboundid-ldapsdk-javadoc-0:6.0.4-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/unboundid-ldapsdk-javadoc@6.0.4-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.noarch", "product": { "name": "ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.noarch", "product_id": "ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.3.5-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-web-ui-0:1.9.1-1.el8ev.noarch", "product": { "name": "ovirt-web-ui-0:1.9.1-1.el8ev.noarch", "product_id": "ovirt-web-ui-0:1.9.1-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-web-ui@1.9.1-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "rhv-log-collector-analyzer-0:1.0.15-1.el8ev.noarch", "product": { "name": "rhv-log-collector-analyzer-0:1.0.15-1.el8ev.noarch", "product_id": "rhv-log-collector-analyzer-0:1.0.15-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhv-log-collector-analyzer@1.0.15-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.noarch", "product": { "name": "ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.noarch", "product_id": "ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-extension-aaa-ldap@1.4.6-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-extension-aaa-ldap-setup-0:1.4.6-1.el8ev.noarch", "product": { "name": "ovirt-engine-extension-aaa-ldap-setup-0:1.4.6-1.el8ev.noarch", "product_id": "ovirt-engine-extension-aaa-ldap-setup-0:1.4.6-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-extension-aaa-ldap-setup@1.4.6-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-dwh-0:4.5.4-1.el8ev.noarch", "product": { "name": "ovirt-engine-dwh-0:4.5.4-1.el8ev.noarch", "product_id": "ovirt-engine-dwh-0:4.5.4-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-dwh@4.5.4-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.4-1.el8ev.noarch", "product": { "name": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.4-1.el8ev.noarch", "product_id": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.4-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-dwh-grafana-integration-setup@4.5.4-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-dwh-setup-0:4.5.4-1.el8ev.noarch", "product": { "name": "ovirt-engine-dwh-setup-0:4.5.4-1.el8ev.noarch", "product_id": "ovirt-engine-dwh-setup-0:4.5.4-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-dwh-setup@4.5.4-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-log-collector-0:4.4.7-2.el8ev.noarch", "product": { "name": "ovirt-log-collector-0:4.4.7-2.el8ev.noarch", "product_id": "ovirt-log-collector-0:4.4.7-2.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-log-collector@4.4.7-2.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "vdsm-jsonrpc-java-0:1.7.2-1.el8ev.noarch", "product": { "name": "vdsm-jsonrpc-java-0:1.7.2-1.el8ev.noarch", "product_id": "vdsm-jsonrpc-java-0:1.7.2-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/vdsm-jsonrpc-java@1.7.2-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "vdsm-jsonrpc-java-javadoc-0:1.7.2-1.el8ev.noarch", "product": { "name": "vdsm-jsonrpc-java-javadoc-0:1.7.2-1.el8ev.noarch", "product_id": "vdsm-jsonrpc-java-javadoc-0:1.7.2-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/vdsm-jsonrpc-java-javadoc@1.7.2-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "product": { "name": "ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "product_id": "ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine@4.5.2.4-0.1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-backend-0:4.5.2.4-0.1.el8ev.noarch", "product": { "name": "ovirt-engine-backend-0:4.5.2.4-0.1.el8ev.noarch", "product_id": "ovirt-engine-backend-0:4.5.2.4-0.1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-backend@4.5.2.4-0.1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-dbscripts-0:4.5.2.4-0.1.el8ev.noarch", "product": { "name": "ovirt-engine-dbscripts-0:4.5.2.4-0.1.el8ev.noarch", "product_id": "ovirt-engine-dbscripts-0:4.5.2.4-0.1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-dbscripts@4.5.2.4-0.1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-health-check-bundler-0:4.5.2.4-0.1.el8ev.noarch", "product": { "name": "ovirt-engine-health-check-bundler-0:4.5.2.4-0.1.el8ev.noarch", "product_id": "ovirt-engine-health-check-bundler-0:4.5.2.4-0.1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-health-check-bundler@4.5.2.4-0.1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-restapi-0:4.5.2.4-0.1.el8ev.noarch", "product": { "name": "ovirt-engine-restapi-0:4.5.2.4-0.1.el8ev.noarch", "product_id": "ovirt-engine-restapi-0:4.5.2.4-0.1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-restapi@4.5.2.4-0.1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-0:4.5.2.4-0.1.el8ev.noarch", "product": { "name": "ovirt-engine-setup-0:4.5.2.4-0.1.el8ev.noarch", "product_id": "ovirt-engine-setup-0:4.5.2.4-0.1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup@4.5.2.4-0.1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-base-0:4.5.2.4-0.1.el8ev.noarch", "product": { "name": "ovirt-engine-setup-base-0:4.5.2.4-0.1.el8ev.noarch", "product_id": "ovirt-engine-setup-base-0:4.5.2.4-0.1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup-base@4.5.2.4-0.1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-plugin-cinderlib-0:4.5.2.4-0.1.el8ev.noarch", "product": { "name": "ovirt-engine-setup-plugin-cinderlib-0:4.5.2.4-0.1.el8ev.noarch", "product_id": "ovirt-engine-setup-plugin-cinderlib-0:4.5.2.4-0.1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-cinderlib@4.5.2.4-0.1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-plugin-imageio-0:4.5.2.4-0.1.el8ev.noarch", "product": { "name": "ovirt-engine-setup-plugin-imageio-0:4.5.2.4-0.1.el8ev.noarch", "product_id": "ovirt-engine-setup-plugin-imageio-0:4.5.2.4-0.1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-imageio@4.5.2.4-0.1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "product": { "name": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "product_id": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine@4.5.2.4-0.1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.2.4-0.1.el8ev.noarch", "product": { "name": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.2.4-0.1.el8ev.noarch", "product_id": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.2.4-0.1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine-common@4.5.2.4-0.1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "product": { "name": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "product_id": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-vmconsole-proxy-helper@4.5.2.4-0.1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "product": { "name": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "product_id": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-websocket-proxy@4.5.2.4-0.1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-tools-0:4.5.2.4-0.1.el8ev.noarch", "product": { "name": "ovirt-engine-tools-0:4.5.2.4-0.1.el8ev.noarch", "product_id": "ovirt-engine-tools-0:4.5.2.4-0.1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-tools@4.5.2.4-0.1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-tools-backup-0:4.5.2.4-0.1.el8ev.noarch", "product": { "name": "ovirt-engine-tools-backup-0:4.5.2.4-0.1.el8ev.noarch", "product_id": "ovirt-engine-tools-backup-0:4.5.2.4-0.1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-tools-backup@4.5.2.4-0.1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "product": { "name": "ovirt-engine-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "product_id": "ovirt-engine-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-vmconsole-proxy-helper@4.5.2.4-0.1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-webadmin-portal-0:4.5.2.4-0.1.el8ev.noarch", "product": { "name": "ovirt-engine-webadmin-portal-0:4.5.2.4-0.1.el8ev.noarch", "product_id": "ovirt-engine-webadmin-portal-0:4.5.2.4-0.1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-webadmin-portal@4.5.2.4-0.1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "product": { "name": "ovirt-engine-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "product_id": "ovirt-engine-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-websocket-proxy@4.5.2.4-0.1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "python3-ovirt-engine-lib-0:4.5.2.4-0.1.el8ev.noarch", "product": { "name": "python3-ovirt-engine-lib-0:4.5.2.4-0.1.el8ev.noarch", "product_id": "python3-ovirt-engine-lib-0:4.5.2.4-0.1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-ovirt-engine-lib@4.5.2.4-0.1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "rhvm-0:4.5.2.4-0.1.el8ev.noarch", "product": { "name": "rhvm-0:4.5.2.4-0.1.el8ev.noarch", "product_id": "rhvm-0:4.5.2.4-0.1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhvm@4.5.2.4-0.1.el8ev?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch" }, "product_reference": "ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-0:4.5.2.4-0.1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.src" }, "product_reference": "ovirt-engine-0:4.5.2.4-0.1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-backend-0:4.5.2.4-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.2.4-0.1.el8ev.noarch" }, "product_reference": "ovirt-engine-backend-0:4.5.2.4-0.1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-dbscripts-0:4.5.2.4-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.2.4-0.1.el8ev.noarch" }, "product_reference": "ovirt-engine-dbscripts-0:4.5.2.4-0.1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-dwh-0:4.5.4-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.4-1.el8ev.noarch" }, "product_reference": "ovirt-engine-dwh-0:4.5.4-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-dwh-0:4.5.4-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.4-1.el8ev.src" }, "product_reference": "ovirt-engine-dwh-0:4.5.4-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.4-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.4-1.el8ev.noarch" }, "product_reference": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.4-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-dwh-setup-0:4.5.4-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.4-1.el8ev.noarch" }, "product_reference": "ovirt-engine-dwh-setup-0:4.5.4-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.noarch" }, "product_reference": "ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.src" }, "product_reference": "ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-extension-aaa-ldap-setup-0:1.4.6-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.6-1.el8ev.noarch" }, "product_reference": "ovirt-engine-extension-aaa-ldap-setup-0:1.4.6-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-health-check-bundler-0:4.5.2.4-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.2.4-0.1.el8ev.noarch" }, "product_reference": "ovirt-engine-health-check-bundler-0:4.5.2.4-0.1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-restapi-0:4.5.2.4-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.2.4-0.1.el8ev.noarch" }, "product_reference": "ovirt-engine-restapi-0:4.5.2.4-0.1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-0:4.5.2.4-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.2.4-0.1.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-0:4.5.2.4-0.1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-base-0:4.5.2.4-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.2.4-0.1.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-base-0:4.5.2.4-0.1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-plugin-cinderlib-0:4.5.2.4-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.2.4-0.1.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-plugin-cinderlib-0:4.5.2.4-0.1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-plugin-imageio-0:4.5.2.4-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.2.4-0.1.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-plugin-imageio-0:4.5.2.4-0.1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.2.4-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.2.4-0.1.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.2.4-0.1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-tools-0:4.5.2.4-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.2.4-0.1.el8ev.noarch" }, "product_reference": "ovirt-engine-tools-0:4.5.2.4-0.1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-tools-backup-0:4.5.2.4-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.2.4-0.1.el8ev.noarch" }, "product_reference": "ovirt-engine-tools-backup-0:4.5.2.4-0.1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.noarch" }, "product_reference": "ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.src" }, "product_reference": "ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch" }, "product_reference": "ovirt-engine-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-webadmin-portal-0:4.5.2.4-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.2.4-0.1.el8ev.noarch" }, "product_reference": "ovirt-engine-webadmin-portal-0:4.5.2.4-0.1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch" }, "product_reference": "ovirt-engine-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-log-collector-0:4.4.7-2.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.7-2.el8ev.noarch" }, "product_reference": "ovirt-log-collector-0:4.4.7-2.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-log-collector-0:4.4.7-2.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.7-2.el8ev.src" }, "product_reference": "ovirt-log-collector-0:4.4.7-2.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-web-ui-0:1.9.1-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.1-1.el8ev.noarch" }, "product_reference": "ovirt-web-ui-0:1.9.1-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-web-ui-0:1.9.1-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.1-1.el8ev.src" }, "product_reference": "ovirt-web-ui-0:1.9.1-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-ovirt-engine-lib-0:4.5.2.4-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.2.4-0.1.el8ev.noarch" }, "product_reference": "python3-ovirt-engine-lib-0:4.5.2.4-0.1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "rhv-log-collector-analyzer-0:1.0.15-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.15-1.el8ev.noarch" }, "product_reference": "rhv-log-collector-analyzer-0:1.0.15-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "rhv-log-collector-analyzer-0:1.0.15-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.15-1.el8ev.src" }, "product_reference": "rhv-log-collector-analyzer-0:1.0.15-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "rhvm-0:4.5.2.4-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:rhvm-0:4.5.2.4-0.1.el8ev.noarch" }, "product_reference": "rhvm-0:4.5.2.4-0.1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "unboundid-ldapsdk-0:6.0.4-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:unboundid-ldapsdk-0:6.0.4-1.el8ev.noarch" }, "product_reference": "unboundid-ldapsdk-0:6.0.4-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "unboundid-ldapsdk-0:6.0.4-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:unboundid-ldapsdk-0:6.0.4-1.el8ev.src" }, "product_reference": "unboundid-ldapsdk-0:6.0.4-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "unboundid-ldapsdk-javadoc-0:6.0.4-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:6.0.4-1.el8ev.noarch" }, "product_reference": "unboundid-ldapsdk-javadoc-0:6.0.4-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "vdsm-jsonrpc-java-0:1.7.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.2-1.el8ev.noarch" }, "product_reference": "vdsm-jsonrpc-java-0:1.7.2-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "vdsm-jsonrpc-java-0:1.7.2-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.2-1.el8ev.src" }, "product_reference": "vdsm-jsonrpc-java-0:1.7.2-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "vdsm-jsonrpc-java-javadoc-0:1.7.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.2-1.el8ev.noarch" }, "product_reference": "vdsm-jsonrpc-java-javadoc-0:1.7.2-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-11022", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-04-23T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.7-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.7-2.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.1-1.el8ev.src", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.15-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.15-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:6.0.4-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:6.0.4-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:6.0.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.2-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.2-1.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.2-1.el8ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1828406" } ], "notes": [ { "category": "description", "text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method", "title": "Vulnerability summary" }, { "category": "other", "text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.2.4-0.1.el8ev.noarch" ], "known_not_affected": [ "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.7-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.7-2.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.1-1.el8ev.src", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.15-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.15-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:6.0.4-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:6.0.4-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:6.0.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.2-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.2-1.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.2-1.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11022" }, { "category": "external", "summary": "RHBZ#1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11022" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2", "url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2" } ], "release_date": "2020-04-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-09-08T11:31:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.2.4-0.1.el8ev.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:6393" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.2.4-0.1.el8ev.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method" }, { "cve": "CVE-2020-11023", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-23T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.7-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.7-2.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.1-1.el8ev.src", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.15-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.15-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:6.0.4-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:6.0.4-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:6.0.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.2-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.2-1.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.2-1.el8ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1850004" } ], "notes": [ { "category": "description", "text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.2.4-0.1.el8ev.noarch" ], "known_not_affected": [ "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.7-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.7-2.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.1-1.el8ev.src", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.15-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.15-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:6.0.4-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:6.0.4-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:6.0.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.2-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.2-1.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.2-1.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11023" }, { "category": "external", "summary": "RHBZ#1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023" }, { "category": "external", "summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/" } ], "release_date": "2020-04-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-09-08T11:31:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.2.4-0.1.el8ev.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:6393" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.2.4-0.1.el8ev.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods" }, { "cve": "CVE-2021-22096", "discovery_date": "2021-12-21T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.7-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.7-2.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.1-1.el8ev.src", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.15-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.15-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:6.0.4-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:6.0.4-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:6.0.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.2-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.2-1.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.2-1.el8ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2034584" } ], "notes": [ { "category": "description", "text": "In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries.", "title": "Vulnerability description" }, { "category": "summary", "text": "springframework: malicious input leads to insertion of additional log entries", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.2.4-0.1.el8ev.noarch" ], "known_not_affected": [ "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.7-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.7-2.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.1-1.el8ev.src", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.15-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.15-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:6.0.4-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:6.0.4-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:6.0.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.2-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.2-1.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.2-1.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-22096" }, { "category": "external", "summary": "RHBZ#2034584", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034584" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-22096", "url": "https://www.cve.org/CVERecord?id=CVE-2021-22096" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22096", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22096" } ], "release_date": "2021-10-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-09-08T11:31:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.2.4-0.1.el8ev.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:6393" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.2.4-0.1.el8ev.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "springframework: malicious input leads to insertion of additional log entries" }, { "cve": "CVE-2021-23358", "cwe": { "id": "CWE-94", "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)" }, "discovery_date": "2021-03-29T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.7-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.7-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.15-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.15-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:6.0.4-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:6.0.4-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:6.0.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.2-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.2-1.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.2-1.el8ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1944286" } ], "notes": [ { "category": "description", "text": "A flaw was found in nodejs-underscore. Arbitrary code execution via the template function is possible, particularly when a variable property is passed as an argument as it is not sanitized. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-underscore: Arbitrary code execution via the template function", "title": "Vulnerability summary" }, { "category": "other", "text": "Whilst the OpenShift Container Platform (OCP) openshift4/ose-grafana and openshift3/grafana as well as console, grc-ui and search-ui containers for Red Hat Advanced Management for Kubernetes (RHACM) include the vulnerable underscore library, the access to it is protected by OpenShift OAuth. Additionally this library is used in openshift4/ose-grafana container only in Grafana End-to-End Test package. Therefore the impact by this flaw is reduced to Low and the affected OCP components are marked as \"will not fix\" at this time and to Moderate for the affected RHACM components. This might be fixed in a future release.\n\nRed Hat Enterprise Virtualization includes the vulnerable underscore library, however it is not parsing any untrusted data, therefore impact is reduced to Low.\n\nBelow Red Hat products include the underscore dependency, but it is not used by the product and hence this issue has been rated as having a security impact of Low.\n\n* Red Hat Quay\n* Red Hat Gluster Storage 3\n* Red Hat OpenShift Container Storage 4\n* Red Hat Ceph Storage 3 and 4", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.1-1.el8ev.src" ], "known_not_affected": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.7-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.7-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.15-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.15-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:6.0.4-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:6.0.4-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:6.0.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.2-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.2-1.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.2-1.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-23358" }, { "category": "external", "summary": "RHBZ#1944286", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944286" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-23358", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23358" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23358", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23358" } ], "release_date": "2021-03-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-09-08T11:31:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.1-1.el8ev.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:6393" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.1-1.el8ev.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs-underscore: Arbitrary code execution via the template function" }, { "cve": "CVE-2022-2806", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2022-04-28T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.1-1.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.15-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.15-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:6.0.4-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:6.0.4-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:6.0.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.2-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.2-1.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.2-1.el8ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2080005" } ], "notes": [ { "category": "description", "text": "A flaw was found in the ovirt-log-collector, which led to the logging of plaintext passwords in the log file. This flaw allows an attacker with sufficient privileges to read the log file, leading to a loss of confidentiality.", "title": "Vulnerability description" }, { "category": "summary", "text": "ovirt-log-collector: RHVM admin password is logged unfiltered", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.7-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.7-2.el8ev.src" ], "known_not_affected": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.1-1.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.15-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.15-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:6.0.4-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:6.0.4-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:6.0.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.2-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.2-1.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.2-1.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-2806" }, { "category": "external", "summary": "RHBZ#2080005", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2080005" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-2806", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2806" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2806", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2806" } ], "release_date": "2022-05-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-09-08T11:31:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.7-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.7-2.el8ev.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:6393" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.7-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.7-2.el8ev.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "ovirt-log-collector: RHVM admin password is logged unfiltered" }, { "cve": "CVE-2022-31129", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-07-07T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.7-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.7-2.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.1-1.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.15-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.15-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:6.0.4-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:6.0.4-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:6.0.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.2-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.2-1.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.2-1.el8ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2105075" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "moment: inefficient parsing algorithm resulting in DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Fuse provides the affected software but does not use the functionality and as such its impact has been downgraded to Low.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships a vulnerable version of the moment library. However, this affected functionality is restricted behind OAuth, reducing the impact to Moderate.\n\nRed Hat Satellite ships a vulnerable version of the moment library. However, this only affects a specific component (qpid-dispatch), reducing the impact to Moderate.\n\nRed Hat Ceph Storage (RHCS) ships a vulnerable version of the moment library, however, it is not directly used and is a transitive dependency from Angular. In addition, the impact would only be to the grafana browser, and not the underlying RHCS system, which reduces the impact to Moderate. \n\nRed Hat OpenShift Service Mesh (OSSM) ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nRed Hat OpenShift distributed tracing ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nIn Logging Subsystem for Red Hat OpenShift the vulnerable moment nodejs package is bundled in the ose-logging-kibana6 container as a transitive dependency, hence the direct impact is reduced to Moderate.\n\nIn OpenShift Container Platform 4 the vulnerabile moment package is a third party dependency, hence the direct impact is reduced to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.src" ], "known_not_affected": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.2.4-0.1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.4-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-0:1.4.6-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-extension-aaa-ldap-setup-0:1.4.6-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.7-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.7-2.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.1-1.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.15-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.15-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.2.4-0.1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:6.0.4-1.el8ev.noarch", "8Base-RHV-S-4.4:unboundid-ldapsdk-0:6.0.4-1.el8ev.src", "8Base-RHV-S-4.4:unboundid-ldapsdk-javadoc-0:6.0.4-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.2-1.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.2-1.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.2-1.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-31129" }, { "category": "external", "summary": "RHBZ#2105075", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-31129", "url": "https://www.cve.org/CVERecord?id=CVE-2022-31129" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129" }, { "category": "external", "summary": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g", "url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g" } ], "release_date": "2022-07-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-09-08T11:31:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:6393" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.5-1.el8ev.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "moment: inefficient parsing algorithm resulting in DoS" } ] }
rhsa-2020_2412
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat OpenShift Container Platform 4.5.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allowed for panic (CVE-2020-9283)\n\n* kubernetes: Denial of service in API server via crafted YAML payloads by authorized users (CVE-2019-11254)\n\n* js-jquery: prototype pollution in object\u0027s prototype led to denial of service or remote code execution or property injection (CVE-2019-11358)\n\n* kubernetes: node localhost services reachable via martian packets (CVE-2020-8558)\n\n* containernetworking/plugins: IPv6 router advertisements allowed for MitM attacks on IPv4 clusters (CVE-2020-10749)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* jQuery: passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:2412", "url": "https://access.redhat.com/errata/RHSA-2020:2412" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1701972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" }, { "category": "external", "summary": "1804533", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1804533" }, { "category": "external", "summary": "1819486", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819486" }, { "category": "external", "summary": "1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "1833220", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1833220" }, { "category": "external", "summary": "1843358", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843358" }, { "category": "external", "summary": "1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2412.json" } ], "title": "Red Hat Security Advisory: OpenShift Container Platform 4.5 container image security update", "tracking": { "current_release_date": "2024-11-15T08:31:55+00:00", "generator": { "date": "2024-11-15T08:31:55+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:2412", "initial_release_date": "2020-07-13T17:22:28+00:00", "revision_history": [ { "date": "2020-07-13T17:22:28+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-07-13T17:22:28+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T08:31:55+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift Container Platform 4.5", "product": { "name": "Red Hat OpenShift Container Platform 4.5", "product_id": "7Server-RH7-RHOSE-4.5", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:4.5::el7" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "branches": [ { "category": "product_version", "name": "openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64", "product": { "name": "openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64", "product_id": "openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-logging-operator\u0026tag=v4.5.0-202007012112.p0" } } }, { "category": "product_version", "name": "openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64", "product": { "name": "openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64", "product_id": "openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-multus-cni\u0026tag=v4.5.0-202007012112.p0" } } }, { "category": "product_version", "name": "openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64", "product": { "name": "openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64", "product_id": "openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-oauth-server-rhel7\u0026tag=v4.5.0-202007012112.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64", "product": { "name": "openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64", "product_id": "openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.5.0-202007012112.p0" } } }, { "category": "product_version", "name": "openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64", "product": { "name": "openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64", "product_id": "openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-console\u0026tag=v4.5.0-202007012112.p0" } } }, { "category": "product_version", "name": "openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64", "product": { "name": "openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64", "product_id": "openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-hyperkube\u0026tag=v4.5.0-202007100518.p0" } } }, { "category": "product_version", "name": "openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64", "product": { "name": "openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64", "product_id": "openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-machine-approver\u0026tag=v4.5.0-202007012112.p0" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64 as a component of Red Hat OpenShift Container Platform 4.5", "product_id": "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64" }, "product_reference": "openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64 as a component of Red Hat OpenShift Container Platform 4.5", "product_id": "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64" }, "product_reference": "openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64 as a component of Red Hat OpenShift Container Platform 4.5", "product_id": "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64" }, "product_reference": "openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64 as a component of Red Hat OpenShift Container Platform 4.5", "product_id": "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64" }, "product_reference": "openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64 as a component of Red Hat OpenShift Container Platform 4.5", "product_id": "7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64" }, "product_reference": "openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64 as a component of Red Hat OpenShift Container Platform 4.5", "product_id": "7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64" }, "product_reference": "openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64 as a component of Red Hat OpenShift Container Platform 4.5", "product_id": "7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64" }, "product_reference": "openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.5" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-11252", "cwe": { "id": "CWE-209", "name": "Generation of Error Message Containing Sensitive Information" }, "discovery_date": "2020-07-23T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1860158" } ], "notes": [ { "category": "description", "text": "A flaw was found in Kubernetes that allows the logging of credentials when mounting AzureFile and CephFS volumes. This flaw allows an attacker to access kubelet logs, read the credentials, and use them to access other services. The highest threat from this vulnerability is to confidentiality.", "title": "Vulnerability description" }, { "category": "summary", "text": "kubernetes: credential leak in kube-controller-manager via error messages in mount failure logs and events for AzureFile and CephFS volumes", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform (OCP) included the upstream patch for this flaw in the release of version 4.5. Prior versions are affected as OCP 4 supports AzureFile volumes and OCP 3 supports both AzureFile and CephFS volumes. OCP clusters not using these volume types are not vulnerable.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64" ], "known_not_affected": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-11252" }, { "category": "external", "summary": "RHBZ#1860158", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860158" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-11252", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11252" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11252", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11252" } ], "release_date": "2020-03-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-07-13T17:22:28+00:00", "details": "For OpenShift Container Platform 4.5 see the following documentation, which\nwill be updated shortly for release 4.5.1, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.5/updating/updating-cluster-cli.html.", "product_ids": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2412" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1" }, "products": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kubernetes: credential leak in kube-controller-manager via error messages in mount failure logs and events for AzureFile and CephFS volumes" }, { "cve": "CVE-2019-11254", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-04-01T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1819486" } ], "notes": [ { "category": "description", "text": "The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML.", "title": "Vulnerability description" }, { "category": "summary", "text": "kubernetes: Denial of service in API server via crafted YAML payloads by authorized users", "title": "Vulnerability summary" }, { "category": "other", "text": "The upstream Kubernetes fix for this vulnerability is to update the version of the Go dependency, gopkg.in/yaml.v2. This issue affects OpenShift Container Platform components that use versions before 2.2.8 of gopkg.in/yaml.v2 and accept YAML payloads.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64" ], "known_not_affected": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-11254" }, { "category": "external", "summary": "RHBZ#1819486", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819486" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-11254", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11254" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11254", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11254" }, { "category": "external", "summary": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc", "url": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc" } ], "release_date": "2020-03-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-07-13T17:22:28+00:00", "details": "For OpenShift Container Platform 4.5 see the following documentation, which\nwill be updated shortly for release 4.5.1, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.5/updating/updating-cluster-cli.html.", "product_ids": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2412" }, { "category": "workaround", "details": "Prevent unauthenticated or unauthorized access to the API server", "product_ids": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kubernetes: Denial of service in API server via crafted YAML payloads by authorized users" }, { "cve": "CVE-2019-11358", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-03-28T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1701972" } ], "notes": [ { "category": "description", "text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64" ], "known_not_affected": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-11358" }, { "category": "external", "summary": "RHBZ#1701972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11358" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358" }, { "category": "external", "summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", "url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/" }, { "category": "external", "summary": "https://www.drupal.org/sa-core-2019-006", "url": "https://www.drupal.org/sa-core-2019-006" } ], "release_date": "2019-03-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-07-13T17:22:28+00:00", "details": "For OpenShift Container Platform 4.5 see the following documentation, which\nwill be updated shortly for release 4.5.1, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.5/updating/updating-cluster-cli.html.", "product_ids": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2412" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection" }, { "acknowledgments": [ { "names": [ "the Kubernetes Product Security Committee" ] }, { "names": [ "Yuval Avrahami", "Ariel Zelivansky" ], "organization": "Palo Alto Networks", "summary": "Acknowledged by upstream." }, { "names": [ "J\u00e1nos K\u00f6v\u00e9r" ], "organization": "Ericsson", "summary": "Acknowledged by upstream." }, { "names": [ "Rory McCune" ], "organization": "NCC Group", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2020-8558", "cwe": { "id": "CWE-300", "name": "Channel Accessible by Non-Endpoint" }, "discovery_date": "2020-05-29T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1843358" } ], "notes": [ { "category": "description", "text": "A flaw was found in Kubernetes that allows attackers on adjacent networks to reach services exposed on localhost ports, previously thought to be unreachable. This flaw allows an attacker to gain privileges or access confidential information for any services listening on localhost ports that are not protected by authentication.", "title": "Vulnerability description" }, { "category": "summary", "text": "kubernetes: node localhost services reachable via martian packets", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform does not expose the API server on a localhost port without authentication. The only service exposed on a localhost port not protected by authentication is Metrics, which exposes some cluster metadata.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64" ], "known_not_affected": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-8558" }, { "category": "external", "summary": "RHBZ#1843358", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843358" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-8558", "url": "https://www.cve.org/CVERecord?id=CVE-2020-8558" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8558", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8558" }, { "category": "external", "summary": "https://groups.google.com/g/kubernetes-security-announce/c/B1VegbBDMTE", "url": "https://groups.google.com/g/kubernetes-security-announce/c/B1VegbBDMTE" } ], "release_date": "2020-07-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-07-13T17:22:28+00:00", "details": "For OpenShift Container Platform 4.5 see the following documentation, which\nwill be updated shortly for release 4.5.1, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.5/updating/updating-cluster-cli.html.", "product_ids": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2412" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kubernetes: node localhost services reachable via martian packets" }, { "cve": "CVE-2020-9283", "cwe": { "id": "CWE-130", "name": "Improper Handling of Length Parameter Inconsistency" }, "discovery_date": "2020-02-19T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1804533" } ], "notes": [ { "category": "description", "text": "A denial of service vulnerability was found in the SSH package of the golang.org/x/crypto library. An attacker could exploit this flaw by supplying crafted SSH ed25519 keys to cause a crash in applications that use this package as either an SSH client or server.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform uses the vulnerable library in a number of components but strictly as an SSH client. The severity of this vulnerability is reduced for clients as it requires connections to malicious SSH servers, with the maximum impact only a client crash. This vulnerability is rated Low for OpenShift Container Platform.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64" ], "known_not_affected": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-9283" }, { "category": "external", "summary": "RHBZ#1804533", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1804533" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-9283", "url": "https://www.cve.org/CVERecord?id=CVE-2020-9283" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9283", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9283" }, { "category": "external", "summary": "https://groups.google.com/forum/#!topic/golang-announce/3L45YRc91SY", "url": "https://groups.google.com/forum/#!topic/golang-announce/3L45YRc91SY" } ], "release_date": "2020-02-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-07-13T17:22:28+00:00", "details": "For OpenShift Container Platform 4.5 see the following documentation, which\nwill be updated shortly for release 4.5.1, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.5/updating/updating-cluster-cli.html.", "product_ids": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2412" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic" }, { "acknowledgments": [ { "names": [ "the Kubernetes Product Security Committee" ] }, { "names": [ "Etienne Champetier" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2020-10749", "cwe": { "id": "CWE-300", "name": "Channel Accessible by Non-Endpoint" }, "discovery_date": "2020-05-08T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1833220" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in affected container networking implementations that allow malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending \u201crogue\u201d IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container.", "title": "Vulnerability description" }, { "category": "summary", "text": "containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters", "title": "Vulnerability summary" }, { "category": "other", "text": "In OpenShift Container Platform 4, the default network plugin, OpenShift SDN, and OVN Kubernetes, do not forward IPv6 traffic, making this vulnerability not exploitable. The affected code from containernetworking/plugins is however still included in these plugins, hence this vulnerability is rated Low for both OpenShift SDN and OVN-Kubernetes.\n\nIPv6 traffic is not forwarded by the OpenShift SDN in OpenShift Container Platform 3.11, making this vulnerability not exploitable. However, the affected code from containernetworking/plugins is still included in the atomic-openshift package, hence this vulnerability is rated Low for OpenShift Container Platform 3.11.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64" ], "known_not_affected": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-10749" }, { "category": "external", "summary": "RHBZ#1833220", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1833220" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-10749", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10749" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10749", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10749" }, { "category": "external", "summary": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/BMb_6ICCfp8", "url": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/BMb_6ICCfp8" } ], "release_date": "2020-06-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-07-13T17:22:28+00:00", "details": "For OpenShift Container Platform 4.5 see the following documentation, which\nwill be updated shortly for release 4.5.1, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.5/updating/updating-cluster-cli.html.", "product_ids": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2412" }, { "category": "workaround", "details": "Prevent untrusted, non-privileged containers from running with CAP_NET_RAW.", "product_ids": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L", "version": "3.1" }, "products": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters" }, { "cve": "CVE-2020-11022", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-04-23T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1828406" } ], "notes": [ { "category": "description", "text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method", "title": "Vulnerability summary" }, { "category": "other", "text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64" ], "known_not_affected": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11022" }, { "category": "external", "summary": "RHBZ#1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11022" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2", "url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2" } ], "release_date": "2020-04-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-07-13T17:22:28+00:00", "details": "For OpenShift Container Platform 4.5 see the following documentation, which\nwill be updated shortly for release 4.5.1, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.5/updating/updating-cluster-cli.html.", "product_ids": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2412" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method" }, { "cve": "CVE-2020-11023", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-23T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1850004" } ], "notes": [ { "category": "description", "text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64" ], "known_not_affected": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11023" }, { "category": "external", "summary": "RHBZ#1850004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023" }, { "category": "external", "summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/" } ], "release_date": "2020-04-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-07-13T17:22:28+00:00", "details": "For OpenShift Container Platform 4.5 see the following documentation, which\nwill be updated shortly for release 4.5.1, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.5/updating/updating-cluster-cli.html.", "product_ids": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2412" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods" } ] }
wid-sec-w-2022-1347
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "jQuery ist eine freie JavaScript-Bibliothek, die Funktionen zur DOM-Navigation und -Manipulation zur Verf\u00fcgung stellt.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in jQuery ausnutzen, um einen Cross-Site Scripting Angriff durchzuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- MacOS X\n- Windows\n- Sonstiges", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2022-1347 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2022-1347.json" }, { "category": "self", "summary": "WID-SEC-2022-1347 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1347" }, { "category": "external", "summary": "Moxa Security Advisory MPSA-230203 vom 2023-11-02", "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230203-pt-g503-series-multiple-vulnerabilities" }, { "category": "external", "summary": "IBM Security Bulletin 7060517 vom 2023-10-26", "url": "https://www.ibm.com/support/pages/node/7060517" }, { "category": "external", "summary": "SolarWinds Platform 2023.3 Release Notes", "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-3_release_notes.htm" }, { "category": "external", "summary": "Tenable Security Advisory TNS-2023-09 vom 2023-03-02", "url": "https://www.tenable.com/security/tns-2023-09" }, { "category": "external", "summary": "GitHub Security Advisory GHSA-gxr4-xjj5-5px2 vom 2020-04-30", "url": "https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2" }, { "category": "external", "summary": "GitHub Security Advisory GHSA-jpcq-cgw6-v4j6 vom 2020-04-30", "url": "https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6" }, { "category": "external", "summary": "Drupal Security Advisory SA-CORE-2020-002 vom 2020-05-20", "url": "https://www.drupal.org/sa-core-2020-002" }, { "category": "external", "summary": "Debian Security Advisory DSA-4693 vom 2020-05-27", "url": "https://www.debian.org/security/2020/dsa-4693" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2020:2217 vom 2020-05-28", "url": "https://access.redhat.com/errata/RHSA-2020:2217" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2020:2362 vom 2020-06-02", "url": "https://access.redhat.com/errata/RHSA-2020:2362" }, { "category": "external", "summary": "Debian Security Advisory DLA-2608 vom 2021-03-26", "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2020:2813 vom 2020-07-02", "url": "https://access.redhat.com/errata/RHSA-2020:2813" }, { "category": "external", "summary": "Palo Alto Networks Security Advisory PAN-SA-2020-0007 vom 2020-07-08", "url": "https://security.paloaltonetworks.com/PAN-SA-2020-0007" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2020:2412 vom 2020-07-13", "url": "https://access.redhat.com/errata/RHSA-2020:2412" }, { "category": "external", "summary": "GENTOO Security Advisory GLSA-202007-03 vom 2020-07-27", "url": "https://security.gentoo.org/glsa/202007-03" }, { "category": "external", "summary": "F5 Security Advisory K66544153 vom 2020-08-03", "url": "https://support.f5.com/csp/article/K66544153" }, { "category": "external", "summary": "F5 Security Advisory K02453220 vom 2020-08-03", "url": "https://support.f5.com/csp/article/K02453220" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2020:3247 vom 2020-08-04", "url": "https://access.redhat.com/errata/RHSA-2020:3247" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2020:3369 vom 2020-08-06", "url": "https://access.redhat.com/errata/RHSA-2020:3369" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2020:2292-1 vom 2020-08-21", "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-August/007286.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2020:2292-1 vom 2020-08-21", "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-August/007287.html" }, { "category": "external", "summary": "Brocade Security Advisory", "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2020-972" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2020:2373-1 vom 2020-08-28", "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-August/007315.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2020:2373-1 vom 2020-08-28", "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-August/007314.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2020:2650-1 vom 2020-09-16", "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-September/007435.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2020:2650-1 vom 2020-09-16", "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-September/007436.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2020:3807 vom 2020-09-23", "url": "https://access.redhat.com/errata/RHSA-2020:3807" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2020:3936 vom 2020-09-29", "url": "https://access.redhat.com/errata/RHSA-2020:3936" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2020:4211 vom 2020-10-08", "url": "https://access.redhat.com/errata/RHSA-2020:4211" }, { "category": "external", "summary": "OTRS Security Advisory OSA-2020-14 vom 2020-10-12", "url": "https://community.otrs.com/security-advisory-2020-14/" }, { "category": "external", "summary": "HCL Article KB0084264 vom 2020-10-14", "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0084264" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:1846 vom 2021-05-18", "url": "https://access.redhat.com/errata/RHSA-2021:1846" }, { "category": "external", "summary": "Brocade Security Advisory BSA-2020-973 vom 2021-05-20", "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2020-973" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS-2021-1626 vom 2021-04-22", "url": "https://alas.aws.amazon.com/AL2/ALAS-2021-1626.html" }, { "category": "external", "summary": "Tenable Security Advisory", "url": "https://de.tenable.com/security/tns-2020-10" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2020:5412 vom 2020-12-15", "url": "https://access.redhat.com/errata/RHSA-2020:5412" }, { "category": "external", "summary": "EMC Security Advisory DSA-2020-262 vom 2021-01-16", "url": "https://www.dell.com/support/kbdoc/en-us/000180924/dsa-2020-262-dell-emc-networker-security-update-for-multiple-vulnerabilities" }, { "category": "external", "summary": "Tenable Security Advisory", "url": "https://de.tenable.com/security/tns-2021-02" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:0778 vom 2021-03-09", "url": "https://access.redhat.com/errata/RHSA-2021:0778" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:0860 vom 2021-03-16", "url": "https://access.redhat.com/errata/RHSA-2021:0860" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2021-0860 vom 2021-03-19", "url": "https://linux.oracle.com/errata/ELSA-2021-0860.html" }, { "category": "external", "summary": "HPE Security Bulletin", "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04175en_us" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2021-9400 vom 2021-08-09", "url": "https://linux.oracle.com/errata/ELSA-2021-9400.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:4142 vom 2021-11-09", "url": "https://access.redhat.com/errata/RHSA-2021:4142" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2021-9552 vom 2021-11-19", "url": "https://linux.oracle.com/errata/ELSA-2021-9552.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2022-9177 vom 2022-03-01", "url": "https://linux.oracle.com/errata/ELSA-2022-9177.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2022:6393 vom 2022-09-08", "url": "https://access.redhat.com/errata/RHSA-2022:6393" }, { "category": "external", "summary": "SolarWinds Platform 2022.3 Release Notes", "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm" }, { "category": "external", "summary": "IBM Security Bulletin 6852773 vom 2023-01-05", "url": "https://www.ibm.com/support/pages/node/6852773" } ], "source_lang": "en-US", "title": "jQuery: Mehrere Schwachstellen erm\u00f6glichen Cross-Site Scripting", "tracking": { "current_release_date": "2023-11-02T23:00:00.000+00:00", "generator": { "date": "2024-02-15T16:57:54.402+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2022-1347", "initial_release_date": "2020-05-03T22:00:00.000+00:00", "revision_history": [ { "date": "2020-05-03T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2020-05-21T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates von Drupal aufgenommen" }, { "date": "2020-05-24T22:00:00.000+00:00", "number": "3", "summary": "Referenz(en) aufgenommen: FEDORA-2020-11BE4B36D4" }, { "date": "2020-05-26T22:00:00.000+00:00", "number": "4", "summary": "Neue Updates von Debian aufgenommen" }, { "date": "2020-05-27T22:00:00.000+00:00", "number": "5", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2020-06-02T22:00:00.000+00:00", "number": "6", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2020-06-07T22:00:00.000+00:00", "number": "7", "summary": "Referenz(en) aufgenommen: FEDORA-2020-36D2DB5F51" }, { "date": "2020-07-02T22:00:00.000+00:00", "number": "8", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2020-07-08T22:00:00.000+00:00", "number": "9", "summary": "Neue Informationen von Palo Alto Networks aufgenommen" }, { "date": "2020-07-13T22:00:00.000+00:00", "number": "10", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2020-07-26T22:00:00.000+00:00", "number": "11", "summary": "Neue Updates von GENTOO aufgenommen" }, { "date": "2020-08-03T22:00:00.000+00:00", "number": "12", "summary": "Neue Updates von F5 aufgenommen" }, { "date": "2020-08-04T22:00:00.000+00:00", "number": "13", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2020-08-06T22:00:00.000+00:00", "number": "14", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2020-08-23T22:00:00.000+00:00", "number": "15", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2020-08-30T22:00:00.000+00:00", "number": "16", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2020-09-06T22:00:00.000+00:00", "number": "17", "summary": "Referenz(en) aufgenommen: FEDORA-2020-FBB94073A1" }, { "date": "2020-09-16T22:00:00.000+00:00", "number": "18", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2020-09-23T22:00:00.000+00:00", "number": "19", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2020-09-29T22:00:00.000+00:00", "number": "20", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2020-10-07T22:00:00.000+00:00", "number": "21", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2020-10-11T22:00:00.000+00:00", "number": "22", "summary": "Neue Updates von OTRS aufgenommen" }, { "date": "2020-10-14T22:00:00.000+00:00", "number": "23", "summary": "Neue Updates von HCL aufgenommen" }, { "date": "2020-12-07T23:00:00.000+00:00", "number": "24", "summary": "Neue Updates von Tenable aufgenommen" }, { "date": "2020-12-15T23:00:00.000+00:00", "number": "25", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2021-01-17T23:00:00.000+00:00", "number": "26", "summary": "Neue Updates von EMC aufgenommen" }, { "date": "2021-02-17T23:00:00.000+00:00", "number": "27", "summary": "Neue Updates von Tenable aufgenommen" }, { "date": "2021-03-09T23:00:00.000+00:00", "number": "28", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2021-03-16T23:00:00.000+00:00", "number": "29", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2021-03-18T23:00:00.000+00:00", "number": "30", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2021-03-25T23:00:00.000+00:00", "number": "31", "summary": "Neue Updates von Debian aufgenommen" }, { "date": "2021-04-21T22:00:00.000+00:00", "number": "32", "summary": "Neue Updates von Amazon aufgenommen" }, { "date": "2021-05-16T22:00:00.000+00:00", "number": "33", "summary": "Neue Updates von BROCADE aufgenommen" }, { "date": "2021-05-18T22:00:00.000+00:00", "number": "34", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2021-05-20T22:00:00.000+00:00", "number": "35", "summary": "Neue Updates von BROCADE aufgenommen" }, { "date": "2021-07-18T22:00:00.000+00:00", "number": "36", "summary": "Neue Updates von HP aufgenommen" }, { "date": "2021-08-09T22:00:00.000+00:00", "number": "37", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2021-11-09T23:00:00.000+00:00", "number": "38", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2021-11-18T23:00:00.000+00:00", "number": "39", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2022-02-28T23:00:00.000+00:00", "number": "40", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2022-09-08T22:00:00.000+00:00", "number": "41", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2022-09-28T22:00:00.000+00:00", "number": "42", "summary": "Neue Updates aufgenommen" }, { "date": "2023-01-05T23:00:00.000+00:00", "number": "43", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2023-03-02T23:00:00.000+00:00", "number": "44", "summary": "Neue Updates von Tenable aufgenommen" }, { "date": "2023-07-25T22:00:00.000+00:00", "number": "45", "summary": "Neue Updates aufgenommen" }, { "date": "2023-10-26T22:00:00.000+00:00", "number": "46", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2023-11-02T23:00:00.000+00:00", "number": "47", "summary": "Neue Updates von moxa aufgenommen" } ], "status": "final", "version": "47" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Amazon Linux 2", "product": { "name": "Amazon Linux 2", "product_id": "398363", "product_identification_helper": { "cpe": "cpe:/o:amazon:linux_2:-" } } } ], "category": "vendor", "name": "Amazon" }, { "branches": [ { "category": "product_name", "name": "Broadcom Brocade Switch", "product": { "name": "Broadcom Brocade Switch", "product_id": "T015844", "product_identification_helper": { "cpe": "cpe:/h:brocade:switch:-" } } } ], "category": "vendor", "name": "Broadcom" }, { "branches": [ { "category": "product_name", "name": "Debian Linux", "product": { "name": "Debian Linux", "product_id": "2951", "product_identification_helper": { "cpe": "cpe:/o:debian:debian_linux:-" } } } ], "category": "vendor", "name": "Debian" }, { "branches": [ { "category": "product_name", "name": "EMC NetWorker \u003c 19.4", "product": { "name": "EMC NetWorker \u003c 19.4", "product_id": "T018107", "product_identification_helper": { "cpe": "cpe:/a:emc:networker:19.4" } } } ], "category": "vendor", "name": "EMC" }, { "branches": [ { "category": "product_name", "name": "F5 BIG-IP", "product": { "name": "F5 BIG-IP", "product_id": "T001663", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip:-" } } } ], "category": "vendor", "name": "F5" }, { "branches": [ { "category": "product_name", "name": "Gentoo Linux", "product": { "name": "Gentoo Linux", "product_id": "T012167", "product_identification_helper": { "cpe": "cpe:/o:gentoo:linux:-" } } } ], "category": "vendor", "name": "Gentoo" }, { "branches": [ { "category": "product_name", "name": "HCL BigFix", "product": { "name": "HCL BigFix", "product_id": "T017494", "product_identification_helper": { "cpe": "cpe:/a:hcltech:bigfix:-" } } } ], "category": "vendor", "name": "HCL" }, { "branches": [ { "category": "product_name", "name": "HPE Fabric OS \u003c 9.0.1a", "product": { "name": "HPE Fabric OS \u003c 9.0.1a", "product_id": "T019354", "product_identification_helper": { "cpe": "cpe:/o:hpe:fabric_os:v9.0.1a" } } }, { "category": "product_name", "name": "HPE Switch", "product": { "name": "HPE Switch", "product_id": "T005119", "product_identification_helper": { "cpe": "cpe:/h:hp:switch:-" } } } ], "category": "vendor", "name": "HPE" }, { "branches": [ { "category": "product_name", "name": "IBM Maximo Asset Management 7.6.1.2", "product": { "name": "IBM Maximo Asset Management 7.6.1.2", "product_id": "812526", "product_identification_helper": { "cpe": "cpe:/a:ibm:maximo_asset_management:7.6.1.2" } } }, { "category": "product_name", "name": "IBM Tivoli Network Manager IP Edition \u003c= 4.2.0.15", "product": { "name": "IBM Tivoli Network Manager IP Edition \u003c= 4.2.0.15", "product_id": "T025750", "product_identification_helper": { "cpe": "cpe:/a:ibm:tivoli_network_manager:4.2.0.15::ip_edition" } } } ], "category": "vendor", "name": "IBM" }, { "branches": [ { "category": "product_name", "name": "Moxa Switch \u003c PT-G503 v5.3", "product": { "name": "Moxa Switch \u003c PT-G503 v5.3", "product_id": "T030907", "product_identification_helper": { "cpe": "cpe:/h:moxa:switch:pt-g503_v5.3" } } } ], "category": "vendor", "name": "Moxa" }, { "branches": [ { "category": "product_name", "name": "Open Source jQuery \u003c 3.5.0", "product": { "name": "Open Source jQuery \u003c 3.5.0", "product_id": "T016413", "product_identification_helper": { "cpe": "cpe:/a:jquery:jquery:3.5.0" } } } ], "category": "vendor", "name": "Open Source" }, { "branches": [ { "category": "product_name", "name": "Oracle Linux", "product": { "name": "Oracle Linux", "product_id": "T004914", "product_identification_helper": { "cpe": "cpe:/o:oracle:linux:-" } } } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "category": "product_name", "name": "PaloAlto Networks PAN-OS", "product": { "name": "PaloAlto Networks PAN-OS", "product_id": "T012790", "product_identification_helper": { "cpe": "cpe:/o:paloaltonetworks:pan-os:-" } } } ], "category": "vendor", "name": "PaloAlto Networks" }, { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } } ], "category": "vendor", "name": "Red Hat" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "category": "product_name", "name": "SolarWinds Orion", "product": { "name": "SolarWinds Orion", "product_id": "T024734", "product_identification_helper": { "cpe": "cpe:/a:solarwinds:orion_core_services:-" } } }, { "category": "product_name", "name": "SolarWinds Platform \u003c 2023.3", "product": { "name": "SolarWinds Platform \u003c 2023.3", "product_id": "T028897", "product_identification_helper": { "cpe": "cpe:/a:solarwinds:orion_platform:2023.3" } } } ], "category": "vendor", "name": "SolarWinds" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "Tenable Security Nessus", "product": { "name": "Tenable Security Nessus", "product_id": "T016399", "product_identification_helper": { "cpe": "cpe:/a:tenable:nessus:-" } } }, { "category": "product_name", "name": "Tenable Security Nessus \u003c 10.5.0", "product": { "name": "Tenable Security Nessus \u003c 10.5.0", "product_id": "T026604", "product_identification_helper": { "cpe": "cpe:/a:tenable:nessus:10.5.0" } } } ], "category": "product_name", "name": "Nessus" }, { "category": "product_name", "name": "Tenable Security Nessus Network Monitor", "product": { "name": "Tenable Security Nessus Network Monitor", "product_id": "T016632", "product_identification_helper": { "cpe": "cpe:/a:tenable:nessus_network_monitor:-" } } } ], "category": "vendor", "name": "Tenable Security" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-11022", "notes": [ { "category": "description", "text": "In jQuery existiert eine Cross-Site Scripting Schwachstelle. HTML und Script-Eingaben werden in \"jQuery.htmlPrefilter\" und in \"Option\" Elementen nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstelle beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstelle muss der Angreifer den Benutzer dazu bringen, eine modifizierte URL oder Webseite in seinem Webbrowser zu \u00f6ffnen." } ], "product_status": { "known_affected": [ "67646", "T015844", "T005119", "T012167", "T016632", "T004914", "T016399", "T017494", "T012790", "2951", "T002207", "T026604", "T024734", "T001663", "812526", "398363", "T028897", "T025750", "T030907" ] }, "release_date": "2020-05-03T22:00:00Z", "title": "CVE-2020-11022" }, { "cve": "CVE-2020-11023", "notes": [ { "category": "description", "text": "In jQuery existiert eine Cross-Site Scripting Schwachstelle. HTML und Script-Eingaben werden in \"jQuery.htmlPrefilter\" und in \"Option\" Elementen nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstelle beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstelle muss der Angreifer den Benutzer dazu bringen, eine modifizierte URL oder Webseite in seinem Webbrowser zu \u00f6ffnen." } ], "product_status": { "known_affected": [ "67646", "T015844", "T005119", "T012167", "T016632", "T004914", "T016399", "T017494", "T012790", "2951", "T002207", "T026604", "T024734", "T001663", "812526", "398363", "T028897", "T025750", "T030907" ] }, "release_date": "2020-05-03T22:00:00Z", "title": "CVE-2020-11023" } ] }
wid-sec-w-2023-0063
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Junos Space ist eine Software-Plattform, die eine Reihe von Applikationen f\u00fcr das Netzwerkmanagement beinhaltet.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Juniper Junos Space ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern.", "title": "Angriff" }, { "category": "general", "text": "- Juniper Appliance", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-0063 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2023-0063.json" }, { "category": "self", "summary": "WID-SEC-2023-0063 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0063" }, { "category": "external", "summary": "Juniper Security Advisory JSA70182 vom 2023-01-12", "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Contrail-Service-Orchestration-Multiple-vulnerabilities-resolved-in-CSO-6-3-0?language=en_US" }, { "category": "external", "summary": "Juniper Security Advisory vom 2022-01-12", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11287\u0026cat=SIRT_1" } ], "source_lang": "en-US", "title": "Juniper Junos Space: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-01-11T23:00:00.000+00:00", "generator": { "date": "2024-02-15T17:09:11.163+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-0063", "initial_release_date": "2022-01-12T23:00:00.000+00:00", "revision_history": [ { "date": "2022-01-12T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-01-11T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates von Juniper aufgenommen" } ], "status": "final", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Juniper Contrail Service Orchestration", "product": { "name": "Juniper Contrail Service Orchestration", "product_id": "T025794", "product_identification_helper": { "cpe": "cpe:/a:juniper:contrail_service_orchestration:-" } } }, { "category": "product_name", "name": "Juniper Junos Space \u003c 21.3R1", "product": { "name": "Juniper Junos Space \u003c 21.3R1", "product_id": "T021576", "product_identification_helper": { "cpe": "cpe:/a:juniper:junos_space:21.3r1" } } } ], "category": "vendor", "name": "Juniper" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-17543", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2019-17543" }, { "cve": "CVE-2019-20934", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2019-20934" }, { "cve": "CVE-2020-0543", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-0543" }, { "cve": "CVE-2020-0548", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-0548" }, { "cve": "CVE-2020-0549", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-0549" }, { "cve": "CVE-2020-11022", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-11022" }, { "cve": "CVE-2020-11023", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-11023" }, { "cve": "CVE-2020-11668", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-11668" }, { "cve": "CVE-2020-11984", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-11984" }, { "cve": "CVE-2020-11993", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-11993" }, { "cve": "CVE-2020-12362", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-12362" }, { "cve": "CVE-2020-12363", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-12363" }, { "cve": "CVE-2020-12364", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-12364" }, { "cve": "CVE-2020-1927", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-1927" }, { "cve": "CVE-2020-1934", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-1934" }, { "cve": "CVE-2020-24489", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-24489" }, { "cve": "CVE-2020-24511", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-24511" }, { "cve": "CVE-2020-24512", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-24512" }, { "cve": "CVE-2020-27170", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-27170" }, { "cve": "CVE-2020-27777", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-27777" }, { "cve": "CVE-2020-29443", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-29443" }, { "cve": "CVE-2020-8625", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-8625" }, { "cve": "CVE-2020-8648", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-8648" }, { "cve": "CVE-2020-8695", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-8695" }, { "cve": "CVE-2020-8696", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-8696" }, { "cve": "CVE-2020-8698", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-8698" }, { "cve": "CVE-2020-9490", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-9490" }, { "cve": "CVE-2021-20254", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-20254" }, { "cve": "CVE-2021-22555", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-22555" }, { "cve": "CVE-2021-22901", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-22901" }, { "cve": "CVE-2021-2341", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2341" }, { "cve": "CVE-2021-2342", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2342" }, { "cve": "CVE-2021-2356", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2356" }, { "cve": "CVE-2021-2369", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2369" }, { "cve": "CVE-2021-2372", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2372" }, { "cve": "CVE-2021-2385", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2385" }, { "cve": "CVE-2021-2388", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2388" }, { "cve": "CVE-2021-2389", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2389" }, { "cve": "CVE-2021-2390", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2390" }, { "cve": "CVE-2021-25214", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-25214" }, { "cve": "CVE-2021-25217", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-25217" }, { "cve": "CVE-2021-27219", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-27219" }, { "cve": "CVE-2021-29154", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-29154" }, { "cve": "CVE-2021-29650", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-29650" }, { "cve": "CVE-2021-31535", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-31535" }, { "cve": "CVE-2021-32399", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-32399" }, { "cve": "CVE-2021-33033", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-33033" }, { "cve": "CVE-2021-33034", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-33034" }, { "cve": "CVE-2021-3347", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-3347" }, { "cve": "CVE-2021-33909", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-33909" }, { "cve": "CVE-2021-3653", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-3653" }, { "cve": "CVE-2021-3656", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-3656" }, { "cve": "CVE-2021-3715", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-3715" }, { "cve": "CVE-2021-37576", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-37576" }, { "cve": "CVE-2021-4104", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-4104" }, { "cve": "CVE-2021-42550", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-42550" }, { "cve": "CVE-2021-44228", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-44228" }, { "cve": "CVE-2021-45046", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-45046" } ] }
wid-sec-w-2023-0239
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "JBoss Enterprise Application Platform ist eine skalierbare Plattform f\u00fcr Java-Anwendungen, inklusive JBoss Application Server, JBoss Hibernate und Boss Seam.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat JBoss Enterprise Application Platform ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen.", "title": "Angriff" }, { "category": "general", "text": "- Linux", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-0239 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0239.json" }, { "category": "self", "summary": "WID-SEC-2023-0239 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0239" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0552 vom 2023-01-31", "url": "https://access.redhat.com/errata/RHSA-2023:0552" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0553 vom 2023-01-31", "url": "https://access.redhat.com/errata/RHSA-2023:0553" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0554 vom 2023-01-31", "url": "https://access.redhat.com/errata/RHSA-2023:0554" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0556 vom 2023-01-31", "url": "https://access.redhat.com/errata/RHSA-2023:0556" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0560 vom 2023-02-08", "url": "https://access.redhat.com/errata/RHSA-2023:0560" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0713 vom 2023-02-09", "url": "https://access.redhat.com/errata/RHSA-2023:0713" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1044 vom 2023-03-02", "url": "https://access.redhat.com/errata/RHSA-2023:1044" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1043 vom 2023-03-02", "url": "https://access.redhat.com/errata/RHSA-2023:1043" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1049 vom 2023-03-02", "url": "https://access.redhat.com/errata/RHSA-2023:1049" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1047 vom 2023-03-02", "url": "https://access.redhat.com/errata/RHSA-2023:1047" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1045 vom 2023-03-02", "url": "https://access.redhat.com/errata/RHSA-2023:1045" }, { "category": "external", "summary": "F5 Security Advisory K48382137 vom 2023-04-21", "url": "https://my.f5.com/manage/s/article/K48382137" }, { "category": "external", "summary": "F5 Security Advisory K05380109 vom 2023-04-20", "url": "https://my.f5.com/manage/s/article/K05380109" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:3223 vom 2023-05-18", "url": "https://access.redhat.com/errata/RHSA-2023:3223" }, { "category": "external", "summary": "Hitachi Software Vulnerability Information hitachi-sec-2023-116 vom 2023-05-23", "url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-116/index.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4983 vom 2023-09-05", "url": "https://access.redhat.com/errata/RHSA-2023:4983" }, { "category": "external", "summary": "Hitachi Vulnerability Information HITACHI-SEC-2023-143 vom 2023-10-03", "url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-143/index.html" }, { "category": "external", "summary": "Dell Security Advisory DSA-2023-409 vom 2023-12-23", "url": "https://www.dell.com/support/kbdoc/000220669/dsa-2023-=" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:1027 vom 2024-02-28", "url": "https://access.redhat.com/errata/RHSA-2024:1027" } ], "source_lang": "en-US", "title": "Red Hat JBoss Enterprise Application Platform: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-02-28T23:00:00.000+00:00", "generator": { "date": "2024-02-29T09:06:41.350+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-0239", "initial_release_date": "2023-01-31T23:00:00.000+00:00", "revision_history": [ { "date": "2023-01-31T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-02-08T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-02-09T23:00:00.000+00:00", "number": "3", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-03-01T23:00:00.000+00:00", "number": "4", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-04-20T22:00:00.000+00:00", "number": "5", "summary": "Neue Updates von F5 aufgenommen" }, { "date": "2023-05-18T22:00:00.000+00:00", "number": "6", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-05-22T22:00:00.000+00:00", "number": "7", "summary": "Neue Updates von HITACHI aufgenommen" }, { "date": "2023-09-05T22:00:00.000+00:00", "number": "8", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-10-03T22:00:00.000+00:00", "number": "9", "summary": "Neue Updates von HITACHI aufgenommen" }, { "date": "2023-12-26T23:00:00.000+00:00", "number": "10", "summary": "Neue Updates von Dell aufgenommen" }, { "date": "2024-02-28T23:00:00.000+00:00", "number": "11", "summary": "Neue Updates von Red Hat aufgenommen" } ], "status": "final", "version": "11" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "F5 BIG-IP", "product": { "name": "F5 BIG-IP", "product_id": "T001663", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip:-" } } } ], "category": "vendor", "name": "F5" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "Hitachi Ops Center", "product": { "name": "Hitachi Ops Center", "product_id": "T017562", "product_identification_helper": { "cpe": "cpe:/a:hitachi:ops_center:-" } } }, { "category": "product_version_range", "name": "\u003c Common Services 10.9.3-00", "product": { "name": "Hitachi Ops Center \u003c Common Services 10.9.3-00", "product_id": "T030195", "product_identification_helper": { "cpe": "cpe:/a:hitachi:ops_center:common_services_10.9.3-00" } } } ], "category": "product_name", "name": "Ops Center" } ], "category": "vendor", "name": "Hitachi" }, { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } }, { "branches": [ { "category": "product_version_range", "name": "Streams \u003c 2.4.0", "product": { "name": "Red Hat JBoss A-MQ Streams \u003c 2.4.0", "product_id": "T027764", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_amq:streams_2.4.0" } } } ], "category": "product_name", "name": "JBoss A-MQ" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 7.4.9", "product": { "name": "Red Hat JBoss Enterprise Application Platform \u003c 7.4.9", "product_id": "T026073", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4.9" } } } ], "category": "product_name", "name": "JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "container platform 4.0.51", "product": { "name": "Red Hat OpenShift container platform 4.0.51", "product_id": "T026183", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:container_platform_4.0.51" } } } ], "category": "product_name", "name": "OpenShift" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2015-9251", "notes": [ { "category": "description", "text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T026183", "67646", "T001663", "T027764", "T030195", "T017562" ] }, "release_date": "2023-01-31T23:00:00Z", "title": "CVE-2015-9251" }, { "cve": "CVE-2016-10735", "notes": [ { "category": "description", "text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T026183", "67646", "T001663", "T027764", "T030195", "T017562" ] }, "release_date": "2023-01-31T23:00:00Z", "title": "CVE-2016-10735" }, { "cve": "CVE-2017-18214", "notes": [ { "category": "description", "text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T026183", "67646", "T001663", "T027764", "T030195", "T017562" ] }, "release_date": "2023-01-31T23:00:00Z", "title": "CVE-2017-18214" }, { "cve": "CVE-2018-14040", "notes": [ { "category": "description", "text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T026183", "67646", "T001663", "T027764", "T030195", "T017562" ] }, "release_date": "2023-01-31T23:00:00Z", "title": "CVE-2018-14040" }, { "cve": "CVE-2018-14041", "notes": [ { "category": "description", "text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T026183", "67646", "T001663", "T027764", "T030195", "T017562" ] }, "release_date": "2023-01-31T23:00:00Z", "title": "CVE-2018-14041" }, { "cve": "CVE-2018-14042", "notes": [ { "category": "description", "text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T026183", "67646", "T001663", "T027764", "T030195", "T017562" ] }, "release_date": "2023-01-31T23:00:00Z", "title": "CVE-2018-14042" }, { "cve": "CVE-2019-11358", "notes": [ { "category": "description", "text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T026183", "67646", "T001663", "T027764", "T030195", "T017562" ] }, "release_date": "2023-01-31T23:00:00Z", "title": "CVE-2019-11358" }, { "cve": "CVE-2019-8331", "notes": [ { "category": "description", "text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T026183", "67646", "T001663", "T027764", "T030195", "T017562" ] }, "release_date": "2023-01-31T23:00:00Z", "title": "CVE-2019-8331" }, { "cve": "CVE-2020-11022", "notes": [ { "category": "description", "text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T026183", "67646", "T001663", "T027764", "T030195", "T017562" ] }, "release_date": "2023-01-31T23:00:00Z", "title": "CVE-2020-11022" }, { "cve": "CVE-2020-11023", "notes": [ { "category": "description", "text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T026183", "67646", "T001663", "T027764", "T030195", "T017562" ] }, "release_date": "2023-01-31T23:00:00Z", "title": "CVE-2020-11023" }, { "cve": "CVE-2022-3143", "notes": [ { "category": "description", "text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T026183", "67646", "T001663", "T027764", "T030195", "T017562" ] }, "release_date": "2023-01-31T23:00:00Z", "title": "CVE-2022-3143" }, { "cve": "CVE-2022-40149", "notes": [ { "category": "description", "text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T026183", "67646", "T001663", "T027764", "T030195", "T017562" ] }, "release_date": "2023-01-31T23:00:00Z", "title": "CVE-2022-40149" }, { "cve": "CVE-2022-40150", "notes": [ { "category": "description", "text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T026183", "67646", "T001663", "T027764", "T030195", "T017562" ] }, "release_date": "2023-01-31T23:00:00Z", "title": "CVE-2022-40150" }, { "cve": "CVE-2022-40152", "notes": [ { "category": "description", "text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T026183", "67646", "T001663", "T027764", "T030195", "T017562" ] }, "release_date": "2023-01-31T23:00:00Z", "title": "CVE-2022-40152" }, { "cve": "CVE-2022-42003", "notes": [ { "category": "description", "text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T026183", "67646", "T001663", "T027764", "T030195", "T017562" ] }, "release_date": "2023-01-31T23:00:00Z", "title": "CVE-2022-42003" }, { "cve": "CVE-2022-42004", "notes": [ { "category": "description", "text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T026183", "67646", "T001663", "T027764", "T030195", "T017562" ] }, "release_date": "2023-01-31T23:00:00Z", "title": "CVE-2022-42004" }, { "cve": "CVE-2022-45047", "notes": [ { "category": "description", "text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T026183", "67646", "T001663", "T027764", "T030195", "T017562" ] }, "release_date": "2023-01-31T23:00:00Z", "title": "CVE-2022-45047" }, { "cve": "CVE-2022-45693", "notes": [ { "category": "description", "text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T026183", "67646", "T001663", "T027764", "T030195", "T017562" ] }, "release_date": "2023-01-31T23:00:00Z", "title": "CVE-2022-45693" }, { "cve": "CVE-2022-46364", "notes": [ { "category": "description", "text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T026183", "67646", "T001663", "T027764", "T030195", "T017562" ] }, "release_date": "2023-01-31T23:00:00Z", "title": "CVE-2022-46364" } ] }
icsa-22-097-01
Vulnerability from csaf_cisa
Notes
{ "document": { "acknowledgments": [ { "organization": "CERT@VDE", "summary": "coordinating these vulnerabilities with Pepperl+Fuchs" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://us-cert.cisa.gov/tlp/" } }, "lang": "en-US", "notes": [ { "category": "general", "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", "title": "CISA Disclaimer" }, { "category": "legal_disclaimer", "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", "title": "Legal Notice" }, { "category": "summary", "text": "Successful exploitation of these vulnerabilities may result in a denial-of-service condition, code execution, and code exposure.", "title": "Risk evaluation" }, { "category": "other", "text": "Multiple", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "Worldwide", "title": "Countries/areas deployed" }, { "category": "other", "text": "Germany", "title": "Company headquarters location" }, { "category": "general", "text": "CISA recommends users take the following measures to protect themselves from social engineering attacks:", "title": "Recommended Practices" }, { "category": "general", "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" }, { "category": "other", "text": "No known public exploits specifically target these vulnerabilities.", "title": "Exploitability" } ], "publisher": { "category": "coordinator", "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "self", "summary": "ICS Advisory ICSA-22-097-01 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-097-01.json" }, { "category": "self", "summary": "ICS Advisory ICSA-22-097-01 Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-097-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B" } ], "title": "Pepperl+Fuchs WirelessHART-Gateway", "tracking": { "current_release_date": "2022-04-07T00:00:00.000000Z", "generator": { "engine": { "name": "CISA CSAF Generator", "version": "1.0.0" } }, "id": "ICSA-22-097-01", "initial_release_date": "2022-04-07T00:00:00.000000Z", "revision_history": [ { "date": "2022-04-07T00:00:00.000000Z", "legacy_version": "Initial", "number": "1", "summary": "ICSA-22-097-01 Pepperl+Fuchs WirelessHART-Gateway" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "3.0.7 | 3.0.8 | 3.0.9", "product": { "name": "WHA-GW-F2D2-0-AS- Z2-ETH: Versions 3.0.7 3.0.8 3.0.9", "product_id": "CSAFPID-0001" } } ], "category": "product_name", "name": "WHA-GW-F2D2-0-AS- Z2-ETH" }, { "branches": [ { "category": "product_version", "name": "3.0.7 | 3.0.8 | 3.0.9", "product": { "name": "WHA-GW-F2D2-0-AS- Z2-ETH.EIP: Versions 3.0.7 3.0.8 3.0.9", "product_id": "CSAFPID-0002" } } ], "category": "product_name", "name": "WHA-GW-F2D2-0-AS- Z2-ETH.EIP" } ], "category": "vendor", "name": "Pepperl+Fuchs" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-34565", "cwe": { "id": "CWE-798", "name": "Use of Hard-coded Credentials" }, "notes": [ { "category": "summary", "text": "The affected product allows active SSH and telnet services with hard-coded credentials.CVE-2021-34565 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-34565" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Isolate affected products from the corporate network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "If remote access is required, use secure methods such as virtual private networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://cert.vde.com/en/advisories/VDE-2021-027/" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2016-10707", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "summary", "text": "jQuery 3.0.0-rc.1 is vulnerable to a denial-of-service condition due to removing a logic a lowercased attribute names. Any attribute using a mixed-cased name for boolean attributes goes into an infinite recursion, exceeding the stack call limit.CVE-2016-10707 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10707" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Isolate affected products from the corporate network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "If remote access is required, use secure methods such as virtual private networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://cert.vde.com/en/advisories/VDE-2021-027/" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2021-34561", "cwe": { "id": "CWE-350", "name": "Reliance on Reverse DNS Resolution for a Security-Critical Action" }, "notes": [ { "category": "summary", "text": "If the application is not externally accessible or uses IP-based access restrictions, attackers can use DNS rebinding to bypass any IP or firewall-based access restrictions by proxying through their target\u0027s browser. This vulnerability only affects Versions 3.0.7 through 3.0.8.CVE-2021-34561 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-34561" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Isolate affected products from the corporate network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "If remote access is required, use secure methods such as virtual private networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://cert.vde.com/en/advisories/VDE-2021-027/" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2021-33555", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "notes": [ { "category": "summary", "text": "The filename parameter is vulnerable to unauthenticated path traversal attacks, enabling read access to arbitrary files on the server. This vulnerability only affects Version 3.0.7.CVE-2021-33555 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33555" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Isolate affected products from the corporate network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "If remote access is required, use secure methods such as virtual private networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://cert.vde.com/en/advisories/VDE-2021-027/" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2014-6071", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "notes": [ { "category": "summary", "text": "jQuery Version 1.4.2 allows remote attackers to conduct cross-site scripting attacks via vectors related to use of the text method.CVE-2014-6071 has been assigned to this vulnerability. A CVSS v3 base score of 6.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6071" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Isolate affected products from the corporate network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "If remote access is required, use secure methods such as virtual private networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://cert.vde.com/en/advisories/VDE-2021-027/" } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2012-6708", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "notes": [ { "category": "summary", "text": "jQuery versions prior to 1.9.0 are vulnerable to cross-site scripting attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the \u0027\u003c\u0027 character anywhere in the string, giving attackers more flexibility when attempting to deliver a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the \u0027\u003c\u0027 character, limiting exploitability only to attackers who can control the beginning of a string.CVE-2012-6708 has been assigned to this vulnerability. A CVSS v3 base score of 6.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6708" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Isolate affected products from the corporate network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "If remote access is required, use secure methods such as virtual private networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://cert.vde.com/en/advisories/VDE-2021-027/" } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2015-9251", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "notes": [ { "category": "summary", "text": "jQuery versions prior to 3.0.0 are vulnerable to cross-site scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.CVE-2015-9251 has been assigned to this vulnerability. A CVSS v3 base score of 6.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-9251" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Isolate affected products from the corporate network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "If remote access is required, use secure methods such as virtual private networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://cert.vde.com/en/advisories/VDE-2021-027/" } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2020-11023", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "notes": [ { "category": "summary", "text": "In jQuery versions between 1.0.3 and 3.5.0, passing HTML containing \u003coption\u003e elements from untrusted sources (even after sanitizing it) to one of jQuery\u0027s DOM manipulation methods (i.e., .html(), .append(), and others) may execute untrusted code. This vulnerability is patched in jQuery 3.5.0.CVE-2020-11023 has been assigned to this vulnerability. A CVSS v3 base score of 6.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-11023" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Isolate affected products from the corporate network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "If remote access is required, use secure methods such as virtual private networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://cert.vde.com/en/advisories/VDE-2021-027/" } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2020-11022", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "notes": [ { "category": "summary", "text": "In jQuery versions between 1.2 and 3.5.0, passing HTML from untrusted sources (even after sanitizing it) to one of jQuery\u0027s DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This vulnerability is patched in jQuery 3.5.0.CVE-2020-11022 has been assigned to this vulnerability. A CVSS v3 base score of 6.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-11022" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Isolate affected products from the corporate network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "If remote access is required, use secure methods such as virtual private networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://cert.vde.com/en/advisories/VDE-2021-027/" } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2019-11358", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "notes": [ { "category": "summary", "text": "jQuery versions prior to 3.4.0, as used in specific products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.CVE-2019-11358 has been assigned to this vulnerability. A CVSS v3 base score of 6.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-11358" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Isolate affected products from the corporate network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "If remote access is required, use secure methods such as virtual private networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://cert.vde.com/en/advisories/VDE-2021-027/" } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2020-7656", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "notes": [ { "category": "summary", "text": "jQuery versions prior to 1.9.0 allow cross-site scripting attacks via the load method. The load method fails to recognize and remove \"\u003cscript\u003e\" HTML tags that contain a whitespace character, \"\u003c/script \u003e\", which results in the enclosed script logic to be executed.CVE-2020-7656 has been assigned to this vulnerability. A CVSS v3 base score of 6.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-7656" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Isolate affected products from the corporate network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "If remote access is required, use secure methods such as virtual private networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://cert.vde.com/en/advisories/VDE-2021-027/" } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2021-34560", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "summary", "text": "The affected product contains a password field with autocomplete enabled. The stored credentials can be captured by an attacker who gains control over the user\u0027s computer.CVE-2021-34560 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-34560" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Isolate affected products from the corporate network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "If remote access is required, use secure methods such as virtual private networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://cert.vde.com/en/advisories/VDE-2021-027/" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2021-34564", "cwe": { "id": "CWE-315", "name": "Cleartext Storage of Sensitive Information in a Cookie" }, "notes": [ { "category": "summary", "text": "Cookie stealing vulnerabilities within the application or browser allow an attacker to steal the user\u0027s credentials in Version 3.0.9.CVE-2021-34564 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-34564" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Isolate affected products from the corporate network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "If remote access is required, use secure methods such as virtual private networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://cert.vde.com/en/advisories/VDE-2021-027/" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2021-34559", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "notes": [ { "category": "summary", "text": "In the affected product, Versions 3.0.7 through 3.0.8 have a vulnerability that may allow remote attackers to rewrite links and URLs in cached pages to arbitrary strings.CVE-2021-34559 has been assigned to this vulnerability. A CVSS v3 base score of 5.4 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-34559" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Isolate affected products from the corporate network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "If remote access is required, use secure methods such as virtual private networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://cert.vde.com/en/advisories/VDE-2021-027/" } ], "scores": [ { "cvss_v3": { "baseScore": 5.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2021-34562", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "notes": [ { "category": "summary", "text": "In the affected product, Version 3.0.8, it is possible to inject arbitrary JavaScript into the application\u0027s response.CVE-2021-34562 has been assigned to this vulnerability. A CVSS v3 base score of 5.4 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-34562" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Isolate affected products from the corporate network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "If remote access is required, use secure methods such as virtual private networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://cert.vde.com/en/advisories/VDE-2021-027/" } ], "scores": [ { "cvss_v3": { "baseScore": 5.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2007-2379", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "summary", "text": "The jQuery framework exchanges data using JavaScript object notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka \"JavaScript Hijacking.\"CVE-2007-2379 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2379" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Isolate affected products from the corporate network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "If remote access is required, use secure methods such as virtual private networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://cert.vde.com/en/advisories/VDE-2021-027/" } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2011-4969", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "notes": [ { "category": "summary", "text": "jQuery versions prior to 1.6.3 contain a Cross-site scripting (XSS) vulnerability, which when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag.CVE-2011-4969 has been assigned to this vulnerability. A CVSS v3 base score of 4.7 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4969" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Isolate affected products from the corporate network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "If remote access is required, use secure methods such as virtual private networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://cert.vde.com/en/advisories/VDE-2021-027/" } ], "scores": [ { "cvss_v3": { "baseScore": 4.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2021-34563", "cwe": { "id": "CWE-1004", "name": "Sensitive Cookie Without \u0027HttpOnly\u0027 Flag" }, "notes": [ { "category": "summary", "text": "In the affected product, Versions 3.0.8 and 3.0.9, the HttpOnly attribute is not set on a cookie, which allows the cookie\u0027s value to be read or set by client-side JavaScript.CVE-2021-34563 has been assigned to this vulnerability. A CVSS v3 base score of 3.3 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-34563" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Isolate affected products from the corporate network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "If remote access is required, use secure methods such as virtual private networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://cert.vde.com/en/advisories/VDE-2021-027/" } ], "scores": [ { "cvss_v3": { "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2013-0169", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the Lucky Thirteen issue.CVE-2013-0169 has been assigned to this vulnerability. A CVSS v3 base score of 3.7 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0169" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Isolate affected products from the corporate network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "If remote access is required, use secure methods such as virtual private networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://cert.vde.com/en/advisories/VDE-2021-027/" } ], "scores": [ { "cvss_v3": { "baseScore": 3.7, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] } ] }
icsa-21-306-01
Vulnerability from csaf_cisa
Notes
{ "document": { "acknowledgments": [ { "organization": "Johnson Controls, Inc", "summary": "reporting this vulnerability to CISA" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://us-cert.cisa.gov/tlp/" } }, "lang": "en-US", "notes": [ { "category": "general", "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", "title": "CISA Disclaimer" }, { "category": "legal_disclaimer", "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", "title": "Legal Notice" }, { "category": "summary", "text": "Successful exploitation of this vulnerability could allow the execution of untrusted code when viewing the VideoEdge admin graphical user interface.", "title": "Risk evaluation" }, { "category": "other", "text": "Critical Manufacturing", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "Worldwide", "title": "Countries/areas deployed" }, { "category": "other", "text": "Ireland", "title": "Company headquarters location" }, { "category": "general", "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:", "title": "Recommended Practices" }, { "category": "general", "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" }, { "category": "other", "text": "No known public exploits specifically target this vulnerability.", "title": "Exploitability" } ], "publisher": { "category": "coordinator", "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "self", "summary": "ICS Advisory ICSA-21-306-01 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-306-01.json" }, { "category": "self", "summary": "ICS Advisory ICSA-21-306-01 Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-306-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-10-301-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B" } ], "title": "Sensormatic Electronics VideoEdge", "tracking": { "current_release_date": "2021-11-02T00:00:00.000000Z", "generator": { "engine": { "name": "CISA CSAF Generator", "version": "1.0.0" } }, "id": "ICSA-21-306-01", "initial_release_date": "2021-11-02T00:00:00.000000Z", "revision_history": [ { "date": "2021-11-02T00:00:00.000000Z", "legacy_version": "Initial", "number": "1", "summary": "ICSA-21-306-01 Sensormatic Electronics VideoEdge" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c 5.7.1", "product": { "name": "VideoEdge: All versions prior to v5.7.1", "product_id": "CSAFPID-0001" } } ], "category": "product_name", "name": "VideoEdge" } ], "category": "vendor", "name": "Sensormatic Electronics, LLC, Johnson Controls Inc." } ] }, "vulnerabilities": [ { "cve": "CVE-2020-11023", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "notes": [ { "category": "summary", "text": "A vulnerability in the JQuery web user interface (UI) component could allow a webpage to be altered before it is served to users.CVE-2020-11023 has been assigned to this vulnerability. A CVSS v3 base score of 6.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-11023" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "remediations": [ { "category": "vendor_fix", "details": "Upgrade VideoEdge: to Version 5.7.1", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "For more detailed mitigation and product upgrade instructions, please see Johnson Controls Product Security Advisory JCI-PSA-2021-17 v1", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.johnsoncontrols.com/-/media/jci/cyber-solutions/product-security-advisories/2021/jci-psa-2021-17.pdf" }, { "category": "mitigation", "details": "Further ICS security notices and product security guidance are located at the Johnson Controls product security website.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories" }, { "category": "mitigation", "details": "Users with additional questions may contact Johnson Controls Global Product Security.", "product_ids": [ "CSAFPID-0001" ], "url": "mailto:productsecurity@jci.com" } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001" ] } ] } ] }
ghsa-jpcq-cgw6-v4j6
Vulnerability from github
Impact
Passing HTML containing <option>
elements from untrusted sources - even after sanitizing them - to one of jQuery's DOM manipulation methods (i.e. .html()
, .append()
, and others) may execute untrusted code.
Patches
This problem is patched in jQuery 3.5.0.
Workarounds
To workaround this issue without upgrading, use DOMPurify with its SAFE_FOR_JQUERY
option to sanitize the HTML string before passing it to a jQuery method.
References
https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/
For more information
If you have any questions or comments about this advisory, search for a relevant issue in the jQuery repo. If you don't find an answer, open a new issue.
{ "affected": [ { "ecosystem_specific": { "affected_functions": [ "(jquery).htmlPrefilter" ] }, "package": { "ecosystem": "npm", "name": "jquery" }, "ranges": [ { "events": [ { "introduced": "1.0.3" }, { "fixed": "3.5.0" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "RubyGems", "name": "jquery-rails" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "4.4.0" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "NuGet", "name": "jQuery" }, "ranges": [ { "events": [ { "introduced": "1.0.3" }, { "fixed": "3.5.0" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Maven", "name": "org.webjars.npm:jquery" }, "ranges": [ { "events": [ { "introduced": "1.0.3" }, { "fixed": "3.5.0" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2020-11023" ], "database_specific": { "cwe_ids": [ "CWE-79" ], "github_reviewed": true, "github_reviewed_at": "2020-04-29T21:04:50Z", "nvd_published_at": "2020-04-29T21:15:00Z", "severity": "MODERATE" }, "details": "### Impact\nPassing HTML containing `\u003coption\u003e` elements from untrusted sources - even after sanitizing them - to one of jQuery\u0027s DOM manipulation methods (i.e. `.html()`, `.append()`, and others) may execute untrusted code.\n\n### Patches\nThis problem is patched in jQuery 3.5.0.\n\n### Workarounds\nTo workaround this issue without upgrading, use [DOMPurify](https://github.com/cure53/DOMPurify) with its `SAFE_FOR_JQUERY` option to sanitize the HTML string before passing it to a jQuery method.\n\n### References\nhttps://blog.jquery.com/2020/04/10/jquery-3-5-0-released/\n\n### For more information\nIf you have any questions or comments about this advisory, search for a relevant issue in [the jQuery repo](https://github.com/jquery/jquery/issues). If you don\u0027t find an answer, open a new issue.", "id": "GHSA-jpcq-cgw6-v4j6", "modified": "2024-05-15T19:48:00Z", "published": "2020-04-29T22:19:14Z", "references": [ { "type": "WEB", "url": "https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023" }, { "type": "WEB", "url": "https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY" }, { "type": "WEB", "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html" }, { "type": "WEB", "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248@%3Cdev.hive.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93@%3Cgitbox.hive.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817@%3Cdev.felix.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9@%3Cissues.hive.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7@%3Cissues.hive.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61@%3Cgitbox.hive.apache.org%3E" }, { "type": "WEB", "url": "https://www.tenable.com/security/tns-2021-10" }, { "type": "WEB", "url": "https://www.tenable.com/security/tns-2021-02" }, { "type": "WEB", "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "type": "WEB", "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "type": "WEB", "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "type": "WEB", "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "type": "WEB", "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "type": "WEB", "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "type": "WEB", "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "type": "WEB", "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "type": "WEB", "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "type": "WEB", "url": "https://www.drupal.org/sa-core-2020-002" }, { "type": "WEB", "url": "https://www.debian.org/security/2020/dsa-4693" }, { "type": "WEB", "url": "https://snyk.io/vuln/SNYK-JS-JQUERY-565129" }, { "type": "WEB", "url": "https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-565440" }, { "type": "WEB", "url": "https://security.netapp.com/advisory/ntap-20230725-0003" }, { "type": "WEB", "url": "https://security.netapp.com/advisory/ntap-20200511-0006" }, { "type": "WEB", "url": "https://security.gentoo.org/glsa/202007-03" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef@%3Cdev.felix.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330@%3Cdev.felix.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c@%3Cgitbox.hive.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec@%3Cissues.hive.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6@%3Cdev.felix.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb@%3Cissues.hive.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E" }, { "type": "WEB", "url": "https://jquery.com/upgrade-guide/3.5" }, { "type": "WEB", "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-23064.yml" }, { "type": "WEB", "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11023.yml" }, { "type": "WEB", "url": "https://github.com/rails/jquery-rails/blob/v4.4.0/vendor/assets/javascripts/jquery3.js#L6162" }, { "type": "WEB", "url": "https://github.com/rails/jquery-rails/blob/v4.3.5/vendor/assets/javascripts/jquery3.js#L5979" }, { "type": "WEB", "url": "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#440" }, { "type": "WEB", "url": "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#410" }, { "type": "WEB", "url": "https://github.com/jquery/jquery/releases/tag/3.5.0" }, { "type": "PACKAGE", "url": "https://github.com/jquery/jquery" }, { "type": "WEB", "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea@%3Cissues.hive.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9@%3Ccommits.hive.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6@%3Cissues.hive.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c@%3Cgitbox.hive.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72@%3Cgitbox.hive.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac@%3Cgitbox.hive.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e@%3Cdev.felix.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15@%3Cissues.hive.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c@%3Ccommits.felix.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49@%3Cissues.hive.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1@%3Cissues.hive.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494@%3Cdev.felix.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16@%3Cdev.felix.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5@%3Cissues.hive.apache.org%3E" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html" }, { "type": "WEB", "url": "http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N", "type": "CVSS_V3" } ], "summary": "Potential XSS vulnerability in jQuery" }
gsd-2020-11023
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2020-11023", "description": "In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing \u003coption\u003e elements from untrusted sources - even after sanitizing it - to one of jQuery\u0027s DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.", "id": "GSD-2020-11023", "references": [ "https://www.suse.com/security/cve/CVE-2020-11023.html", "https://www.debian.org/security/2020/dsa-4693", "https://access.redhat.com/errata/RHSA-2021:4142", "https://access.redhat.com/errata/RHSA-2021:1846", "https://access.redhat.com/errata/RHSA-2021:0860", "https://access.redhat.com/errata/RHSA-2021:0778", "https://access.redhat.com/errata/RHSA-2020:5412", "https://access.redhat.com/errata/RHSA-2020:5249", "https://access.redhat.com/errata/RHSA-2020:4847", "https://access.redhat.com/errata/RHSA-2020:4298", "https://access.redhat.com/errata/RHSA-2020:4211", "https://access.redhat.com/errata/RHSA-2020:3807", "https://access.redhat.com/errata/RHSA-2020:3369", "https://access.redhat.com/errata/RHSA-2020:3247", "https://access.redhat.com/errata/RHSA-2020:2813", "https://access.redhat.com/errata/RHSA-2020:2412", "https://linux.oracle.com/cve/CVE-2020-11023.html", "https://packetstormsecurity.com/files/cve/CVE-2020-11023", "https://access.redhat.com/errata/RHSA-2022:6393", "https://access.redhat.com/errata/RHSA-2022:7343", "https://access.redhat.com/errata/RHSA-2023:0552", "https://access.redhat.com/errata/RHSA-2023:0553", "https://access.redhat.com/errata/RHSA-2023:0554", "https://access.redhat.com/errata/RHSA-2023:0556", "https://access.redhat.com/errata/RHSA-2023:1043", "https://access.redhat.com/errata/RHSA-2023:1044", "https://access.redhat.com/errata/RHSA-2023:1045", "https://access.redhat.com/errata/RHSA-2023:1049" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "affected": [ { "package": { "ecosystem": "RubyGems", "name": "jquery-rails", "purl": "pkg:gem/jquery-rails" } } ], "aliases": [ "CVE-2020-11023", "GHSA-jpcq-cgw6-v4j6" ], "details": "## Impact\n\nPassing HTML containing `\u003coption\u003e` elements from untrusted sources - even after\nsanitizing them - to one of jQuery\u0027s DOM manipulation methods (i.e. `.html()`,\n`.append()`, and others) may execute untrusted code.\n\n## Workarounds\n\nTo workaround this issue without upgrading, use DOMPurify with its\n`SAFE_FOR_JQUERY` option to sanitize the HTML string before passing it to a\njQuery method.\n", "id": "GSD-2020-11023", "modified": "2020-04-29T00:00:00.000Z", "published": "2020-04-29T00:00:00.000Z", "references": [ { "type": "WEB", "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released" }, { "type": "WEB", "url": "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#440" } ], "schema_version": "1.4.0", "severity": [ { "score": 6.9, "type": "CVSS_V3" } ], "summary": "Potential XSS vulnerability in jQuery" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2020-11023", "STATE": "PUBLIC", "TITLE": "Potential XSS vulnerability in jQuery" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "jQuery", "version": { "version_data": [ { "version_value": "\u003e= 1.0.3, \u003c 3.5.0" } ] } } ] }, "vendor_name": "jquery" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing \u003coption\u003e elements from untrusted sources - even after sanitizing it - to one of jQuery\u0027s DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0." } ] }, "impact": { "cvss": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-4693", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2020/dsa-4693" }, { "name": "FEDORA-2020-36d2db5f51", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/" }, { "name": "https://www.oracle.com/security-alerts/cpujul2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "name": "https://jquery.com/upgrade-guide/3.5/", "refsource": "MISC", "url": "https://jquery.com/upgrade-guide/3.5/" }, { "name": "https://security.netapp.com/advisory/ntap-20200511-0006/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20200511-0006/" }, { "name": "https://www.drupal.org/sa-core-2020-002", "refsource": "CONFIRM", "url": "https://www.drupal.org/sa-core-2020-002" }, { "name": "https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6", "refsource": "CONFIRM", "url": "https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6" }, { "name": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released", "refsource": "MISC", "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released" }, { "name": "openSUSE-SU-2020:1060", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html" }, { "name": "GLSA-202007-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202007-03" }, { "name": "openSUSE-SU-2020:1106", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html" }, { "name": "[hive-issues] 20200813 [jira] [Assigned] (HIVE-24039) update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec@%3Cissues.hive.apache.org%3E" }, { "name": "[hive-dev] 20200813 [jira] [Created] (HIVE-24039) update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248@%3Cdev.hive.apache.org%3E" }, { "name": "[hive-issues] 20200813 [jira] [Updated] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15@%3Cissues.hive.apache.org%3E" }, { "name": "[hive-gitbox] 20200813 [GitHub] [hive] rajkrrsingh opened a new pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c@%3Cgitbox.hive.apache.org%3E" }, { "name": "[hive-issues] 20200902 [jira] [Work started] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea@%3Cissues.hive.apache.org%3E" }, { "name": "[hive-issues] 20200902 [jira] [Commented] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9@%3Cissues.hive.apache.org%3E" }, { "name": "[hive-issues] 20200902 [jira] [Assigned] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49@%3Cissues.hive.apache.org%3E" }, { "name": "[hive-issues] 20200902 [jira] [Comment Edited] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7@%3Cissues.hive.apache.org%3E" }, { "name": "[hive-issues] 20200904 [jira] [Assigned] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5@%3Cissues.hive.apache.org%3E" }, { "name": "[hive-gitbox] 20200911 [GitHub] [hive] rajkrrsingh closed pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72@%3Cgitbox.hive.apache.org%3E" }, { "name": "[hive-gitbox] 20200911 [GitHub] [hive] rajkrrsingh opened a new pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61@%3Cgitbox.hive.apache.org%3E" }, { "name": "[hive-gitbox] 20200912 [GitHub] [hive] rajkrrsingh closed pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93@%3Cgitbox.hive.apache.org%3E" }, { "name": "[hive-gitbox] 20200912 [GitHub] [hive] rajkrrsingh opened a new pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac@%3Cgitbox.hive.apache.org%3E" }, { "name": "FEDORA-2020-fbb94073a1", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/" }, { "name": "FEDORA-2020-0b32a59b54", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/" }, { "name": "[hive-issues] 20200915 [jira] [Resolved] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6@%3Cissues.hive.apache.org%3E" }, { "name": "[hive-commits] 20200915 [hive] branch master updated: HIVE-24039 : Update jquery version to mitigate CVE-2020-11023 (#1403)", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9@%3Ccommits.hive.apache.org%3E" }, { "name": "[hive-issues] 20200915 [jira] [Work logged] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1@%3Cissues.hive.apache.org%3E" }, { "name": "[hive-gitbox] 20200915 [GitHub] [hive] kgyrtkirk merged pull request #1403: HIVE-24039 : Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c@%3Cgitbox.hive.apache.org%3E" }, { "name": "[hive-issues] 20200915 [jira] [Updated] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb@%3Cissues.hive.apache.org%3E" }, { "name": "FEDORA-2020-fe94df8c34", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/" }, { "name": "[nifi-commits] 20200930 svn commit: r1882168 - /nifi/site/trunk/security.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E" }, { "name": "https://www.oracle.com/security-alerts/cpuoct2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "name": "[flink-issues] 20201105 [jira] [Created] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E" }, { "name": "[flink-dev] 20201105 [jira] [Created] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E" }, { "name": "openSUSE-SU-2020:1888", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html" }, { "name": "[flink-issues] 20201129 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E" }, { "name": "[felix-dev] 20201208 [jira] [Created] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330@%3Cdev.felix.apache.org%3E" }, { "name": "[felix-dev] 20201208 [jira] [Updated] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16@%3Cdev.felix.apache.org%3E" }, { "name": "[felix-dev] 20201208 [GitHub] [felix-dev] cziegeler merged pull request #64: FELIX-6366 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef@%3Cdev.felix.apache.org%3E" }, { "name": "[felix-dev] 20201208 [GitHub] [felix-dev] abhishekgarg18 opened a new pull request #64: FELIX-6366 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6@%3Cdev.felix.apache.org%3E" }, { "name": "[felix-dev] 20201208 [jira] [Commented] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e@%3Cdev.felix.apache.org%3E" }, { "name": "[felix-dev] 20201208 [jira] [Assigned] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817@%3Cdev.felix.apache.org%3E" }, { "name": "[felix-commits] 20201208 [felix-dev] branch master updated: FELIX-6366 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023 (#64)", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c@%3Ccommits.felix.apache.org%3E" }, { "name": "[felix-dev] 20201208 [jira] [Updated] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.5.0 is vulnerable to CVE-2020-11023", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494@%3Cdev.felix.apache.org%3E" }, { "name": "https://www.oracle.com/security-alerts/cpujan2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "name": "[flink-issues] 20210209 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E" }, { "name": "[flink-issues] 20210209 [jira] [Comment Edited] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E" }, { "name": "[debian-lts-announce] 20210326 [SECURITY] [DLA 2608-1] jquery security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html" }, { "name": "[flink-issues] 20210422 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E" }, { "name": "[flink-issues] 20210422 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E" }, { "name": "[flink-issues] 20210429 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E" }, { "name": "[flink-issues] 20210429 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E" }, { "name": "https://www.oracle.com/security-alerts/cpuApr2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "name": "https://www.tenable.com/security/tns-2021-10", "refsource": "CONFIRM", "url": "https://www.tenable.com/security/tns-2021-10" }, { "name": "https://www.tenable.com/security/tns-2021-02", "refsource": "CONFIRM", "url": "https://www.tenable.com/security/tns-2021-02" }, { "name": "http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html" }, { "name": "https://www.oracle.com//security-alerts/cpujul2021.html", "refsource": "MISC", "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "name": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "name": "[flink-issues] 20211031 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E" }, { "name": "https://www.oracle.com/security-alerts/cpujan2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "name": "https://www.oracle.com/security-alerts/cpuapr2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "name": "https://www.oracle.com/security-alerts/cpujul2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "name": "[debian-lts-announce] 20230831 [SECURITY] [DLA 3551-1] otrs2 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html" } ] }, "source": { "advisory": "GHSA-jpcq-cgw6-v4j6", "discovery": "UNKNOWN" } }, "github.com/rubysec/ruby-advisory-db": { "cve": "2020-11023", "cvss_v3": 6.9, "date": "2020-04-29", "description": "## Impact\n\nPassing HTML containing `\u003coption\u003e` elements from untrusted sources - even after\nsanitizing them - to one of jQuery\u0027s DOM manipulation methods (i.e. `.html()`,\n`.append()`, and others) may execute untrusted code.\n\n## Workarounds\n\nTo workaround this issue without upgrading, use DOMPurify with its\n`SAFE_FOR_JQUERY` option to sanitize the HTML string before passing it to a\njQuery method.\n", "framework": "rails", "gem": "jquery-rails", "ghsa": "jpcq-cgw6-v4j6", "patched_versions": [ "\u003e= 4.4.0" ], "related": { "url": [ "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#440" ] }, "title": "Potential XSS vulnerability in jQuery", "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released" }, "gitlab.com": { "advisories": [ { "affected_range": "\u003c4.4.0", "affected_versions": "All versions before 4.4.0", "cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cwe_ids": [ "CWE-1035", "CWE-79", "CWE-937" ], "date": "2021-07-20", "description": "Passing HTML containing `\u003coption\u003e` elements from untrusted sources - even after sanitizing it - to one of jQuery\u0027s DOM manipulation methods may execute untrusted code. This problem is patched in jQuery ", "fixed_versions": [ "4.4.0" ], "identifier": "CVE-2020-11023", "identifiers": [ "CVE-2020-11023", "GHSA-jpcq-cgw6-v4j6" ], "not_impacted": "All versions starting from 4.4.0", "package_slug": "gem/jquery-rails", "pubdate": "2020-04-29", "solution": "Upgrade to version 4.4.0 or above.", "title": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2020-11023" ], "uuid": "e442797f-0de3-42e0-a0c3-6da93996c32f" }, { "affected_range": "\u003e=1.0.3 \u003c3.5.0", "affected_versions": "All versions starting from 1.0.3 before 3.5.0", "cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cwe_ids": [ "CWE-1035", "CWE-79", "CWE-937" ], "date": "2020-09-03", "description": "In jQuery, passing HTML containing `\u003coption\u003e` elements from untrusted sources, even after sanitizing it, to one of jQuery\u0027s DOM manipulation methods (i.e., `.html()`, `.append()`, and others) may execute untrusted code.", "fixed_versions": [ "3.5" ], "identifier": "CVE-2020-11023", "identifiers": [ "CVE-2020-11023", "GHSA-jpcq-cgw6-v4j6" ], "not_impacted": "All versions before 1.0.3, all versions starting from 3.5.0", "package_slug": "gem/rdoc", "pubdate": "2020-04-29", "solution": "Upgrade to version 3.5 or above.", "title": "Cross-site Scripting", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released", "https://jquery.com/upgrade-guide/3.5/" ], "uuid": "4849448a-7cb1-4976-b99b-7371abb13a34" }, { "affected_range": "\u003e=1.0.3 \u003c3.5.0", "affected_versions": "All versions starting from 1.0.3 before 3.5.0", "cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cwe_ids": [ "CWE-1035", "CWE-79", "CWE-937" ], "date": "2021-11-30", "description": "In jQuery, passing HTML containing `\u003coption\u003e` elements from untrusted sources, even after sanitizing it, to one of jQuery\u0027s DOM manipulation methods (i.e., `.html()`, `.append()`, and others) may execute untrusted code.", "fixed_versions": [ "3.5.0" ], "identifier": "CVE-2020-11023", "identifiers": [ "CVE-2020-11023", "GHSA-jpcq-cgw6-v4j6" ], "not_impacted": "All versions before 1.0.3, all versions starting from 3.5.0", "package_slug": "npm/jquery", "pubdate": "2020-04-29", "solution": "Upgrade to version 3.5.0 or above.", "title": "Cross-site Scripting", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released", "https://jquery.com/upgrade-guide/3.5/" ], "uuid": "1d85b518-81f3-4e17-8375-08ad1531bce1" }, { "affected_range": "[1.0.3,3.5.0)", "affected_versions": "All versions starting from 1.0.3 before 3.5.0", "cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-79", "CWE-937" ], "date": "2023-05-31", "description": "In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing \u003coption\u003e elements from untrusted sources - even after sanitizing it - to one of jQuery\u0027s DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.", "fixed_versions": [ "3.5.0" ], "identifier": "CVE-2020-11023", "identifiers": [ "GHSA-jpcq-cgw6-v4j6", "CVE-2020-11023" ], "not_impacted": "All versions before 1.0.3, all versions starting from 3.5.0", "package_slug": "nuget/jQuery", "pubdate": "2020-04-29", "solution": "Upgrade to version 3.5.0 or above.", "title": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "urls": [ "https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6", "https://jquery.com/upgrade-guide/3.5/", "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released", "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "https://security.netapp.com/advisory/ntap-20200511-0006/", "https://www.drupal.org/sa-core-2020-002", "https://www.debian.org/security/2020/dsa-4693", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/", "https://www.oracle.com/security-alerts/cpujul2020.html", "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html", "https://security.gentoo.org/glsa/202007-03", "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/", "https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb@%3Cissues.hive.apache.org%3E", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/", "https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec@%3Cissues.hive.apache.org%3E", "https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c@%3Cgitbox.hive.apache.org%3E", "https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5@%3Cissues.hive.apache.org%3E", "https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1@%3Cissues.hive.apache.org%3E", "https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49@%3Cissues.hive.apache.org%3E", "https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15@%3Cissues.hive.apache.org%3E", "https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac@%3Cgitbox.hive.apache.org%3E", "https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72@%3Cgitbox.hive.apache.org%3E", "https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c@%3Cgitbox.hive.apache.org%3E", "https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6@%3Cissues.hive.apache.org%3E", "https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9@%3Ccommits.hive.apache.org%3E", "https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea@%3Cissues.hive.apache.org%3E", "https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61@%3Cgitbox.hive.apache.org%3E", "https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7@%3Cissues.hive.apache.org%3E", "https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9@%3Cissues.hive.apache.org%3E", "https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E", "https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93@%3Cgitbox.hive.apache.org%3E", "https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248@%3Cdev.hive.apache.org%3E", "https://www.oracle.com/security-alerts/cpuoct2020.html", "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E", "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E", "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html", "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E", "https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6@%3Cdev.felix.apache.org%3E", "https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330@%3Cdev.felix.apache.org%3E", "https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef@%3Cdev.felix.apache.org%3E", "https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16@%3Cdev.felix.apache.org%3E", "https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494@%3Cdev.felix.apache.org%3E", "https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c@%3Ccommits.felix.apache.org%3E", "https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e@%3Cdev.felix.apache.org%3E", "https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817@%3Cdev.felix.apache.org%3E", "https://www.oracle.com/security-alerts/cpujan2021.html", "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E", "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E", "https://www.tenable.com/security/tns-2021-02", "https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html", "http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html", "https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E", "https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E", "https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E", "https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E", "https://www.tenable.com/security/tns-2021-10", "https://www.oracle.com/security-alerts/cpuApr2021.html", "https://www.oracle.com//security-alerts/cpujul2021.html", "https://www.oracle.com/security-alerts/cpuoct2021.html", "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E", "https://github.com/jquery/jquery/releases/tag/3.5.0", "https://www.oracle.com/security-alerts/cpujan2022.html", "https://www.oracle.com/security-alerts/cpuapr2022.html", "https://www.oracle.com/security-alerts/cpujul2022.html", "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11023.yml", "https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-565440", "https://github.com/advisories/GHSA-jpcq-cgw6-v4j6" ], "uuid": "f6b0cefb-50db-45f5-983d-9d91a05e73be" }, { "affected_range": "\u003e=7.0,\u003c7.70||\u003e=8.7.0,\u003c8.7.14||\u003e=8.8.0,\u003c8.8.6", "affected_versions": "All versions starting from 7.0 before 7.70, all versions starting from 8.7.0 before 8.7.14, all versions starting from 8.8.0 before 8.8.6", "cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cwe_ids": [ "CWE-1035", "CWE-79", "CWE-937" ], "date": "2021-11-30", "description": "In jQuery, passing HTML containing `\u003coption\u003e` elements from untrusted sources, even after sanitizing it, to one of jQuery\u0027s DOM manipulation methods (i.e., `.html()`, `.append()`, and others) may execute untrusted code.", "fixed_versions": [ "8.0.0", "8.7.14", "8.8.6" ], "identifier": "CVE-2020-11023", "identifiers": [ "CVE-2020-11023", "GHSA-jpcq-cgw6-v4j6" ], "not_impacted": "All versions before 7.0, all versions starting from 7.70 before 8.7.0, all versions starting from 8.7.14 before 8.8.0, all versions starting from 8.8.6", "package_slug": "packagist/drupal/core-recommended", "pubdate": "2020-04-29", "solution": "Upgrade to versions 8.0.0, 8.7.14, 8.8.6 or above.", "title": "Cross-site Scripting", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released", "https://jquery.com/upgrade-guide/3.5/" ], "uuid": "a5827dee-3325-409a-ab69-ecc2ae8eebc7" }, { "affected_range": "\u003e=7.0,\u003c7.70||\u003e=8.7.0,\u003c8.7.14||\u003e=8.8.0,\u003c8.8.6", "affected_versions": "All versions starting from 7.0 before 7.70, all versions starting from 8.7.0 before 8.7.14, all versions starting from 8.8.0 before 8.8.6", "cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cwe_ids": [ "CWE-1035", "CWE-79", "CWE-937" ], "date": "2021-11-30", "description": "In jQuery, passing HTML containing `\u003coption\u003e` elements from untrusted sources, even after sanitizing it, to one of jQuery\u0027s DOM manipulation methods (i.e., `.html()`, `.append()`, and others) may execute untrusted code.", "fixed_versions": [ "8.0.0", "8.7.14", "8.8.6" ], "identifier": "CVE-2020-11023", "identifiers": [ "CVE-2020-11023", "GHSA-jpcq-cgw6-v4j6" ], "not_impacted": "All versions before 7.0, all versions starting from 7.70 before 8.7.0, all versions starting from 8.7.14 before 8.8.0, all versions starting from 8.8.6", "package_slug": "packagist/drupal/core", "pubdate": "2020-04-29", "solution": "Upgrade to versions 8.0.0, 8.7.14, 8.8.6 or above.", "title": "Cross-site Scripting", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released", "https://jquery.com/upgrade-guide/3.5/" ], "uuid": "03e7805f-4e0b-4ade-8e71-740f2d72ca2e" }, { "affected_range": "\u003e=7.0,\u003c7.70||\u003e=8.7.0,\u003c8.7.14||\u003e=8.8.0,\u003c8.8.6", "affected_versions": "All versions starting from 7.0 before 7.70, all versions starting from 8.7.0 before 8.7.14, all versions starting from 8.8.0 before 8.8.6", "cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cwe_ids": [ "CWE-1035", "CWE-79", "CWE-937" ], "date": "2021-11-30", "description": "In jQuery, passing HTML containing `\u003coption\u003e` elements from untrusted sources, even after sanitizing it, to one of jQuery\u0027s DOM manipulation methods (i.e., `.html()`, `.append()`, and others) may execute untrusted code.", "fixed_versions": [ "8.0.0", "8.7.14", "8.8.6" ], "identifier": "CVE-2020-11023", "identifiers": [ "CVE-2020-11023", "GHSA-jpcq-cgw6-v4j6" ], "not_impacted": "All versions before 7.0, all versions starting from 7.70 before 8.7.0, all versions starting from 8.7.14 before 8.8.0, all versions starting from 8.8.6", "package_slug": "packagist/drupal/drupal", "pubdate": "2020-04-29", "solution": "Upgrade to versions 8.0.0, 8.7.14, 8.8.6 or above.", "title": "Cross-site Scripting", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released", "https://jquery.com/upgrade-guide/3.5/" ], "uuid": "4484843d-21fd-4bb5-932b-616102da858d" } ] }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.5.0", "versionStartIncluding": "1.0.3", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "7.70", "versionStartIncluding": "7.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "8.7.14", "versionStartIncluding": "8.7.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "8.8.6", "versionStartIncluding": "8.8.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:hyperion_financial_reporting:11.1.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_interactive_session_recorder:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "6.4", "versionStartIncluding": "6.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:rest_data_services:18c:*:*:*:-:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:rest_data_services:19c:*:*:*:-:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "16.2.11", "versionStartIncluding": "16.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "17.12.7", "versionStartIncluding": "17.12.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:siebel_mobile:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "20.12", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_human_capital_management_resources:9.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_de_nederlandsche_bank:8.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.2.5.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:banking_enterprise_collections:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "2.8.0", "versionStartIncluding": "2.7.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.2.5.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "2.10.0", "versionStartIncluding": "2.4.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "19.12.4", "versionStartIncluding": "19.12.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "18.8.9", "versionStartIncluding": "18.8.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.3", "versionStartIncluding": "4.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_analytics:12.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:healthcare_translational_research:3.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:healthcare_translational_research:3.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:healthcare_translational_research:3.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:healthcare_translational_research:3.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:oss_support_tools:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.12.41", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:health_sciences_inform:6.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:business_intelligence:5.9.0.0.0:*:*:*:enterprise:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "16.4.0", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:storagetek_acsls:8.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:snapcenter_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "3.1.3", "versionStartIncluding": "3.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:max_data:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:tenable:log_correlation_engine:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "6.0.9", "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2020-11023" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing \u003coption\u003e elements from untrusted sources - even after sanitizing it - to one of jQuery\u0027s DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-79" } ] } ] }, "references": { "reference_data": [ { "name": "https://jquery.com/upgrade-guide/3.5/", "refsource": "MISC", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://jquery.com/upgrade-guide/3.5/" }, { "name": "https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6" }, { "name": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released", "refsource": "MISC", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released" }, { "name": "https://security.netapp.com/advisory/ntap-20200511-0006/", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://security.netapp.com/advisory/ntap-20200511-0006/" }, { "name": "https://www.drupal.org/sa-core-2020-002", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://www.drupal.org/sa-core-2020-002" }, { "name": "DSA-4693", "refsource": "DEBIAN", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2020/dsa-4693" }, { "name": "FEDORA-2020-36d2db5f51", "refsource": "FEDORA", "tags": [ "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/" }, { "name": "https://www.oracle.com/security-alerts/cpujul2020.html", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "name": "openSUSE-SU-2020:1060", "refsource": "SUSE", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html" }, { "name": "GLSA-202007-03", "refsource": "GENTOO", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/202007-03" }, { "name": "openSUSE-SU-2020:1106", "refsource": "SUSE", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html" }, { "name": "[hive-gitbox] 20200813 [GitHub] [hive] rajkrrsingh opened a new pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c@%3Cgitbox.hive.apache.org%3E" }, { "name": "[hive-issues] 20200813 [jira] [Assigned] (HIVE-24039) update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec@%3Cissues.hive.apache.org%3E" }, { "name": "[hive-issues] 20200813 [jira] [Updated] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15@%3Cissues.hive.apache.org%3E" }, { "name": "[hive-dev] 20200813 [jira] [Created] (HIVE-24039) update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248@%3Cdev.hive.apache.org%3E" }, { "name": "[hive-issues] 20200902 [jira] [Work started] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea@%3Cissues.hive.apache.org%3E" }, { "name": "[hive-issues] 20200902 [jira] [Commented] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9@%3Cissues.hive.apache.org%3E" }, { "name": "[hive-issues] 20200902 [jira] [Assigned] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49@%3Cissues.hive.apache.org%3E" }, { "name": "[hive-issues] 20200902 [jira] [Comment Edited] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7@%3Cissues.hive.apache.org%3E" }, { "name": "[hive-issues] 20200904 [jira] [Assigned] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5@%3Cissues.hive.apache.org%3E" }, { "name": "[hive-gitbox] 20200911 [GitHub] [hive] rajkrrsingh closed pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72@%3Cgitbox.hive.apache.org%3E" }, { "name": "[hive-gitbox] 20200911 [GitHub] [hive] rajkrrsingh opened a new pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61@%3Cgitbox.hive.apache.org%3E" }, { "name": "[hive-gitbox] 20200912 [GitHub] [hive] rajkrrsingh opened a new pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac@%3Cgitbox.hive.apache.org%3E" }, { "name": "[hive-gitbox] 20200912 [GitHub] [hive] rajkrrsingh closed pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93@%3Cgitbox.hive.apache.org%3E" }, { "name": "FEDORA-2020-0b32a59b54", "refsource": "FEDORA", "tags": [ "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/" }, { "name": "FEDORA-2020-fbb94073a1", "refsource": "FEDORA", "tags": [ "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/" }, { "name": "[hive-commits] 20200915 [hive] branch master updated: HIVE-24039 : Update jquery version to mitigate CVE-2020-11023 (#1403)", "refsource": "MLIST", "tags": [ "Mailing List", "Patch", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9@%3Ccommits.hive.apache.org%3E" }, { "name": "[hive-issues] 20200915 [jira] [Resolved] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6@%3Cissues.hive.apache.org%3E" }, { "name": "[hive-issues] 20200915 [jira] [Work logged] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1@%3Cissues.hive.apache.org%3E" }, { "name": "[hive-gitbox] 20200915 [GitHub] [hive] kgyrtkirk merged pull request #1403: HIVE-24039 : Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c@%3Cgitbox.hive.apache.org%3E" }, { "name": "[hive-issues] 20200915 [jira] [Updated] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb@%3Cissues.hive.apache.org%3E" }, { "name": "FEDORA-2020-fe94df8c34", "refsource": "FEDORA", "tags": [ "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/" }, { "name": "[nifi-commits] 20200930 svn commit: r1882168 - /nifi/site/trunk/security.html", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E" }, { "name": "https://www.oracle.com/security-alerts/cpuoct2020.html", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "name": "[flink-dev] 20201105 [jira] [Created] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E" }, { "name": "[flink-issues] 20201105 [jira] [Created] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E" }, { "name": "openSUSE-SU-2020:1888", "refsource": "SUSE", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html" }, { "name": "[flink-issues] 20201129 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E" }, { "name": "[felix-dev] 20201208 [jira] [Created] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330@%3Cdev.felix.apache.org%3E" }, { "name": "[felix-dev] 20201208 [GitHub] [felix-dev] cziegeler merged pull request #64: FELIX-6366 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef@%3Cdev.felix.apache.org%3E" }, { "name": "[felix-dev] 20201208 [jira] [Commented] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e@%3Cdev.felix.apache.org%3E" }, { "name": "[felix-dev] 20201208 [jira] [Assigned] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817@%3Cdev.felix.apache.org%3E" }, { "name": "[felix-dev] 20201208 [GitHub] [felix-dev] abhishekgarg18 opened a new pull request #64: FELIX-6366 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6@%3Cdev.felix.apache.org%3E" }, { "name": "[felix-dev] 20201208 [jira] [Updated] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16@%3Cdev.felix.apache.org%3E" }, { "name": "[felix-commits] 20201208 [felix-dev] branch master updated: FELIX-6366 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023 (#64)", "refsource": "MLIST", "tags": [ "Mailing List", "Patch", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c@%3Ccommits.felix.apache.org%3E" }, { "name": "[felix-dev] 20201208 [jira] [Updated] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.5.0 is vulnerable to CVE-2020-11023", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494@%3Cdev.felix.apache.org%3E" }, { "name": "https://www.oracle.com/security-alerts/cpujan2021.html", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "name": "[flink-issues] 20210209 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E" }, { "name": "[flink-issues] 20210209 [jira] [Comment Edited] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E" }, { "name": "https://www.tenable.com/security/tns-2021-02", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://www.tenable.com/security/tns-2021-02" }, { "name": "[debian-lts-announce] 20210326 [SECURITY] [DLA 2608-1] jquery security update", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html" }, { "name": "http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html", "refsource": "MISC", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html" }, { "name": "[flink-issues] 20210422 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E" }, { "name": "[flink-issues] 20210422 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E" }, { "name": "[flink-issues] 20210429 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E" }, { "name": "[flink-issues] 20210429 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E" }, { "name": "https://www.tenable.com/security/tns-2021-10", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://www.tenable.com/security/tns-2021-10" }, { "name": "https://www.oracle.com/security-alerts/cpuApr2021.html", "refsource": "MISC", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "name": "N/A", "refsource": "N/A", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "name": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "name": "[flink-issues] 20211031 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E" }, { "name": "https://www.oracle.com/security-alerts/cpujan2022.html", "refsource": "MISC", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "name": "https://www.oracle.com/security-alerts/cpuapr2022.html", "refsource": "MISC", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "name": "N/A", "refsource": "N/A", "tags": [ "Third Party Advisory" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "name": "[debian-lts-announce] 20230831 [SECURITY] [DLA 3551-1] otrs2 security update", "refsource": "MLIST", "tags": [], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.7 } }, "lastModifiedDate": "2023-08-31T03:15Z", "publishedDate": "2020-04-29T21:15Z" } } }
var-202004-2199
Vulnerability from variot
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing
An update for the pki-core:10.6 and pki-deps:10.6 modules is now available for Red Hat Enterprise Linux 8. 8) - aarch64, noarch, ppc64le, s390x, x86_64
- Description:
The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Bugs fixed (https://bugzilla.redhat.com/):
1376706 - restore SerialNumber tag in caManualRenewal xml 1399546 - CVE-2015-9251 jquery: Cross-site scripting via cross-domain ajax requests 1406505 - KRA ECC installation failed with shared tomcat 1601614 - CVE-2018-14040 bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute 1601617 - CVE-2018-14042 bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip 1666907 - CC: Enable AIA OCSP cert checking for entire cert chain 1668097 - CVE-2016-10735 bootstrap: XSS in the data-target attribute 1686454 - CVE-2019-8331 bootstrap: XSS in the tooltip or popover data-template attribute 1695901 - CVE-2019-10179 pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab 1701972 - CVE-2019-11358 jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection 1706521 - CA - SubjectAltNameExtInput does not display text fields to the enrollment page 1710171 - CVE-2019-10146 pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page 1721684 - Rebase pki-servlet-engine to 9.0.30 1724433 - caTransportCert.cfg contains MD2/MD5withRSA as signingAlgsAllowed. 1732565 - CVE-2019-10221 pki-core: Reflected XSS in getcookies?url= endpoint in CA 1732981 - When nuxwdog is enabled pkidaemon status shows instances as stopped. 1777579 - CVE-2020-1721 pki-core: KRA vulnerable to reflected XSS via the getPk12 page 1805541 - [RFE] CA Certificate Transparency with Embedded Signed Certificate Time stamp 1817247 - Upgrade to 10.8.3 breaks PKI Tomcat Server 1821851 - [RFE] Provide SSLEngine via JSSProvider for use with PKI 1822246 - JSS - NativeProxy never calls releaseNativeResources - Memory Leak 1824939 - JSS: add RSA PSS support - RHEL 8.3 1824948 - add RSA PSS support - RHEL 8.3 1825998 - CertificatePoliciesExtDefault MAX_NUM_POLICIES hardcoded limit 1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method 1842734 - CVE-2019-10179 pki-core: pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab [rhel-8] 1842736 - CVE-2019-10146 pki-core: Reflected Cross-Site Scripting in 'path length' constraint field in CA's Agent page [rhel-8] 1843537 - Able to Perform PKI CLI operations like cert request and approval without nssdb password 1845447 - pkispawn fails in FIPS mode: AJP connector has secretRequired="true" but no secret 1850004 - CVE-2020-11023 jquery: Passing HTML containing
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: RHV Manager (ovirt-engine) [ovirt-4.5.2] bug fix and security update Advisory ID: RHSA-2022:6393-01 Product: Red Hat Virtualization Advisory URL: https://access.redhat.com/errata/RHSA-2022:6393 Issue date: 2022-09-08 CVE Names: CVE-2020-11022 CVE-2020-11023 CVE-2021-22096 CVE-2021-23358 CVE-2022-2806 CVE-2022-31129 ==================================================================== 1. Summary:
Updated ovirt-engine packages that fix several bugs and add various enhancements are now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4 - noarch
- Description:
The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.
Security Fix(es):
-
nodejs-underscore: Arbitrary code execution via the template function (CVE-2021-23358)
-
moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
-
jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
-
jquery: Untrusted code execution via
-
ovirt-log-collector: RHVM admin password is logged unfiltered (CVE-2022-2806)
-
springframework: malicious input leads to insertion of additional log entries (CVE-2021-22096)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
-
Previously, running engine-setup did not always renew OVN certificates close to expiration or expired. With this release, OVN certificates are always renewed by engine-setup when needed. (BZ#2097558)
-
Previously, the Manager issued warnings of approaching certificate expiration before engine-setup could update certificates. In this release expiration warnings and certificate update periods are aligned, and certificates are updated as soon as expiration warnings occur. (BZ#2097725)
-
With this release, OVA export or import work on hosts with a non-standard SSH port. (BZ#2104939)
-
With this release, the certificate validity test is compatible with RHEL 8 and RHEL 7 based hypervisors. (BZ#2107250)
-
RHV 4.4 SP1 and later are only supported on RHEL 8.6, customers cannot use RHEL 8.7 or later, and must stay with RHEL 8.6 EUS. (BZ#2108985)
-
Previously, importing templates from the Administration Portal did not work. With this release, importing templates from the Administration Portal is possible. (BZ#2109923)
-
ovirt-provider-ovn certificate expiration is checked along with other RHV certificates. If ovirt-provider-ovn is about to expire or already expired, a warning or alert is raised in the audit log. To renew the ovirt-provider-ovn certificate, administators must run engine-setup. If your ovirt-provider-ovn certificate expires on a previous RHV version, upgrade to RHV 4.4 SP1 batch 2 or later, and ovirt-provider-ovn certificate will be renewed automatically in the engine-setup. (BZ#2097560)
-
Previously, when importing a virtual machine with manual CPU pinning, the manual pinning string was cleared, but the CPU pinning policy was not set to NONE. As a result, importing failed. In this release, the CPU pinning policy is set to NONE if the CPU pinning string is cleared, and importing succeeds. (BZ#2104115)
-
Previously, the Manager could start a virtual machine with a Resize and Pin NUMA policy on a host without an equal number of physical sockets to NUMA nodes. As a result, wrong pinning was assigned to the policy. With this release, the Manager does not allow the virtual machine to be scheduled on such a virtual machine, and the pinning is correct based on the algorithm. (BZ#1955388)
-
Rebase package(s) to version: 4.4.7. Highlights, important fixes, or notable enhancements: fixed BZ#2081676 (BZ#2104831)
-
In this release, rhv-log-collector-analyzer provides detailed output for each problematic image, including disk names, associated virtual machine, the host running the virtual machine, snapshots, and current SPM. The detailed view is now the default. The compact option can be set by using the --compact switch in the command line. (BZ#2097536)
-
UnboundID LDAP SDK has been rebased on upstream version 6.0.4. See https://github.com/pingidentity/ldapsdk/releases for changes since version 4.0.14 (BZ#2092478)
-
Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/2974891
-
1944286 - CVE-2021-23358 nodejs-underscore: Arbitrary code execution via the template function 1955388 - Auto Pinning Policy only pins some of the vCPUs on a single NUMA host 1974974 - Not possible to determine migration policy from the API, even though documentation reports that it can be done. 2034584 - CVE-2021-22096 springframework: malicious input leads to insertion of additional log entries 2080005 - CVE-2022-2806 ovirt-log-collector: RHVM admin password is logged unfiltered 2092478 - Upgrade unboundid-ldapsdk to 6.0.4 2094577 - rhv-image-discrepancies must ignore small disks created by OCP 2097536 - [RFE] Add disk name and uuid to problems output 2097558 - Renew ovirt-provider-ovn.cer certificates during engine-setup 2097560 - Warning when ovsdb-server certificates are about to expire(OVN certificate) 2097725 - Certificate Warn period and automatic renewal via engine-setup do not match 2104115 - RHV 4.5 cannot import VMs with cpu pinning 2104831 - Upgrade ovirt-log-collector to 4.4.7 2104939 - Export OVA when using host with port other than 22 2105075 - CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS 2107250 - Upgrade of the host failed as the RHV 4.3 hypervisor is based on RHEL 7 with openssl 1.0.z, but RHV Manager 4.4 uses the openssl 1.1.z syntax 2107267 - ovirt-log-collector doesn't generate database dump 2108985 - RHV 4.4 SP1 EUS requires RHEL 8.6 EUS (RHEL 8.7+ releases are not supported on RHV 4.4 SP1 EUS) 2109923 - Error when importing templates in Admin portal
-
Package List:
RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4:
Source: ovirt-engine-4.5.2.4-0.1.el8ev.src.rpm ovirt-engine-dwh-4.5.4-1.el8ev.src.rpm ovirt-engine-extension-aaa-ldap-1.4.6-1.el8ev.src.rpm ovirt-engine-ui-extensions-1.3.5-1.el8ev.src.rpm ovirt-log-collector-4.4.7-2.el8ev.src.rpm ovirt-web-ui-1.9.1-1.el8ev.src.rpm rhv-log-collector-analyzer-1.0.15-1.el8ev.src.rpm unboundid-ldapsdk-6.0.4-1.el8ev.src.rpm vdsm-jsonrpc-java-1.7.2-1.el8ev.src.rpm
noarch: ovirt-engine-4.5.2.4-0.1.el8ev.noarch.rpm ovirt-engine-backend-4.5.2.4-0.1.el8ev.noarch.rpm ovirt-engine-dbscripts-4.5.2.4-0.1.el8ev.noarch.rpm ovirt-engine-dwh-4.5.4-1.el8ev.noarch.rpm ovirt-engine-dwh-grafana-integration-setup-4.5.4-1.el8ev.noarch.rpm ovirt-engine-dwh-setup-4.5.4-1.el8ev.noarch.rpm ovirt-engine-extension-aaa-ldap-1.4.6-1.el8ev.noarch.rpm ovirt-engine-extension-aaa-ldap-setup-1.4.6-1.el8ev.noarch.rpm ovirt-engine-health-check-bundler-4.5.2.4-0.1.el8ev.noarch.rpm ovirt-engine-restapi-4.5.2.4-0.1.el8ev.noarch.rpm ovirt-engine-setup-4.5.2.4-0.1.el8ev.noarch.rpm ovirt-engine-setup-base-4.5.2.4-0.1.el8ev.noarch.rpm ovirt-engine-setup-plugin-cinderlib-4.5.2.4-0.1.el8ev.noarch.rpm ovirt-engine-setup-plugin-imageio-4.5.2.4-0.1.el8ev.noarch.rpm ovirt-engine-setup-plugin-ovirt-engine-4.5.2.4-0.1.el8ev.noarch.rpm ovirt-engine-setup-plugin-ovirt-engine-common-4.5.2.4-0.1.el8ev.noarch.rpm ovirt-engine-setup-plugin-vmconsole-proxy-helper-4.5.2.4-0.1.el8ev.noarch.rpm ovirt-engine-setup-plugin-websocket-proxy-4.5.2.4-0.1.el8ev.noarch.rpm ovirt-engine-tools-4.5.2.4-0.1.el8ev.noarch.rpm ovirt-engine-tools-backup-4.5.2.4-0.1.el8ev.noarch.rpm ovirt-engine-ui-extensions-1.3.5-1.el8ev.noarch.rpm ovirt-engine-vmconsole-proxy-helper-4.5.2.4-0.1.el8ev.noarch.rpm ovirt-engine-webadmin-portal-4.5.2.4-0.1.el8ev.noarch.rpm ovirt-engine-websocket-proxy-4.5.2.4-0.1.el8ev.noarch.rpm ovirt-log-collector-4.4.7-2.el8ev.noarch.rpm ovirt-web-ui-1.9.1-1.el8ev.noarch.rpm python3-ovirt-engine-lib-4.5.2.4-0.1.el8ev.noarch.rpm rhv-log-collector-analyzer-1.0.15-1.el8ev.noarch.rpm rhvm-4.5.2.4-0.1.el8ev.noarch.rpm unboundid-ldapsdk-6.0.4-1.el8ev.noarch.rpm unboundid-ldapsdk-javadoc-6.0.4-1.el8ev.noarch.rpm vdsm-jsonrpc-java-1.7.2-1.el8ev.noarch.rpm vdsm-jsonrpc-java-javadoc-1.7.2-1.el8ev.noarch.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2020-11022 https://access.redhat.com/security/cve/CVE-2020-11023 https://access.redhat.com/security/cve/CVE-2021-22096 https://access.redhat.com/security/cve/CVE-2021-23358 https://access.redhat.com/security/cve/CVE-2022-2806 https://access.redhat.com/security/cve/CVE-2022-31129 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYxnqRtzjgjWX9erEAQiQOw//XOS172gkbNeuoMSW1IYiEpJG4zQIvT2J VvyizOMlQzpe49Bkopu1zj/e8yM1eXNIg1elPzA3280z7ruNb4fkeoXT7vM5mB/0 jRAr1ja9ZHnZmEW60X3WVhEBjEXCeOv5CWBgqzdQWSB7RpPqfMP7/4kHGFnCPZxu V/n+Z9YKoDxeiW19tuTdU5E5cFySVV8JZAlfXlrR1dz815Ugsm2AMk6uPwjQ2+C7 Uz3zLQLjRjxFk+qSph8NYbOZGnUkypWQG5KXPMyk/Cg3jewjMkjAhzgcTJAdolRC q3p9kD5KdWRe+3xzjy6B4IsSSqvEyHphwrRv8wgk0vIAawfgi76+jL7n/C07rdpA Qg6zlDxmHDrZPC42dsW6dXJ1QefRQE5EzFFJcoycqvWdlRfXX6D1RZc5knSQb2iI 3iSh+hVwxY9pzNZVMlwtDHhw8dqvgw7JimToy8vOldgK0MdndwtVmKsKsRzu7HyL PQSvcN5lSv1X5FR2tnx9LMQXX1qn0P1d/8gTiRFm8Oabjx2r8I0/HNgnJpTSVSBO DXjKFDmwpiT+6tupM39ZbWek2hh+PoyMZJb/d6/YTND6VNlzUypq+DFtLILEaM8Z OjWz0YAL8/ihvhq0vSdFSMFcYKSWAOXA+6pSqe7N7WtB9hl0r7sLUaRSRHti1Ime uF/GLDTKkPw=8zTJ -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Description:
Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. Description:
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied. JIRA issues fixed (https://issues.jboss.org/):
JBEAP-23864 - (7.4.z) Upgrade xmlsec from 2.1.7.redhat-00001 to 2.2.3.redhat-00001 JBEAP-23865 - GSS Upgrade Apache CXF from 3.3.13.redhat-00001 to 3.4.10.redhat-00001 JBEAP-23866 - (7.4.z) Upgrade wss4j from 2.2.7.redhat-00001 to 2.3.3.redhat-00001 JBEAP-23926 - Tracker bug for the EAP 7.4.9 release for RHEL-7 JBEAP-24055 - (7.4.z) Upgrade HAL from 3.3.15.Final-redhat-00001 to 3.3.16.Final-redhat-00001 JBEAP-24081 - (7.4.z) Upgrade Elytron from 1.15.14.Final-redhat-00001 to 1.15.15.Final-redhat-00001 JBEAP-24095 - (7.4.z) Upgrade elytron-web from 1.9.2.Final-redhat-00001 to 1.9.3.Final-redhat-00001 JBEAP-24100 - GSS Upgrade Undertow from 2.2.20.SP1-redhat-00001 to 2.2.22.SP3-redhat-00001 JBEAP-24127 - (7.4.z) UNDERTOW-2123 - Update AsyncContextImpl.dispatch to use proper value JBEAP-24128 - (7.4.z) Upgrade Hibernate Search from 5.10.7.Final-redhat-00001 to 5.10.13.Final-redhat-00001 JBEAP-24132 - GSS Upgrade Ironjacamar from 1.5.3.SP2-redhat-00001 to 1.5.10.Final-redhat-00001 JBEAP-24147 - (7.4.z) Upgrade jboss-ejb-client from 4.0.45.Final-redhat-00001 to 4.0.49.Final-redhat-00001 JBEAP-24167 - (7.4.z) Upgrade WildFly Core from 15.0.19.Final-redhat-00001 to 15.0.21.Final-redhat-00002 JBEAP-24191 - GSS Upgrade remoting from 5.0.26.SP1-redhat-00001 to 5.0.27.Final-redhat-00001 JBEAP-24195 - GSS Upgrade JSF API from 3.0.0.SP06-redhat-00001 to 3.0.0.SP07-redhat-00001 JBEAP-24207 - (7.4.z) Upgrade Soteria from 1.0.1.redhat-00002 to 1.0.1.redhat-00003 JBEAP-24248 - (7.4.z) ELY-2492 - Upgrade sshd-common in Elytron from 2.7.0 to 2.9.2 JBEAP-24426 - (7.4.z) Upgrade Elytron from 1.15.15.Final-redhat-00001 to 1.15.16.Final-redhat-00001 JBEAP-24427 - (7.4.z) Upgrade WildFly Core from 15.0.21.Final-redhat-00002 to 15.0.22.Final-redhat-00001
7
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202004-2199", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "communications eagle application processor", "scope": "gte", "trust": 1.0, "vendor": "oracle", "version": "16.1.0" }, { "model": "banking platform", "scope": "lte", "trust": 1.0, "vendor": "oracle", "version": "2.10.0" }, { "model": "healthcare translational research", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "3.3.1" }, { "model": "communications session report manager", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "8.2.1" }, { "model": "health sciences inform", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "6.3.0" }, { "model": "fedora", "scope": "eq", "trust": 1.0, "vendor": "fedoraproject", "version": "32" }, { "model": "max data", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "hyperion financial reporting", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "11.1.2.4" }, { "model": "storagetek tape analytics sw tool", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "2.3.1" }, { "model": "rest data services", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "12.1.0.2" }, { "model": "communications session route manager", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "8.2.1" }, { "model": "oncommand system manager", "scope": "lte", "trust": 1.0, "vendor": "netapp", "version": "3.1.3" }, { "model": "communications operations monitor", "scope": "gte", "trust": 1.0, "vendor": "oracle", "version": "4.1" }, { "model": "rest data services", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "18c" }, { "model": "communications element manager", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "8.1.1" }, { "model": "drupal", "scope": "lt", "trust": 1.0, "vendor": "drupal", "version": "8.8.6" }, { "model": "rest data services", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "19c" }, { "model": "financial services regulatory reporting for de nederlandsche bank", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "8.0.4" }, { "model": "primavera gateway", "scope": "gte", "trust": 1.0, "vendor": "oracle", "version": "18.8.0" }, { "model": "oss support tools", "scope": "lt", "trust": 1.0, "vendor": "oracle", "version": "2.12.41" }, { "model": "snap creator framework", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "communications interactive session recorder", "scope": "lte", "trust": 1.0, "vendor": "oracle", "version": "6.4" }, { "model": "primavera gateway", "scope": "lte", "trust": 1.0, "vendor": "oracle", "version": "17.12.7" }, { "model": "webcenter sites", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "12.2.1.4.0" }, { "model": "drupal", "scope": "lt", "trust": 1.0, "vendor": "drupal", "version": "7.70" }, { "model": "jquery", "scope": "lt", "trust": 1.0, "vendor": "jquery", "version": "3.5.0" }, { "model": "primavera gateway", "scope": "gte", "trust": 1.0, "vendor": "oracle", "version": "19.12.0" }, { "model": "rest data services", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "11.2.0.4" }, { "model": "primavera gateway", "scope": "lte", "trust": 1.0, "vendor": "oracle", "version": "18.8.9" }, { "model": "weblogic server", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "12.1.3.0.0" }, { "model": "weblogic server", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "12.2.1.3.0" }, { "model": "primavera gateway", "scope": "lte", "trust": 1.0, "vendor": "oracle", "version": "19.12.4" }, { "model": "communications session route manager", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "8.1.1" }, { "model": "communications eagle application processor", "scope": "lte", "trust": 1.0, "vendor": "oracle", "version": "16.4.0" }, { "model": "primavera gateway", "scope": "gte", "trust": 1.0, "vendor": "oracle", "version": "16.2" }, { "model": "h410s", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "drupal", "scope": "gte", "trust": 1.0, "vendor": "drupal", "version": "7.0" }, { "model": "communications element manager", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "8.2.1" }, { "model": "fedora", "scope": "eq", "trust": 1.0, "vendor": "fedoraproject", "version": "33" }, { "model": "primavera gateway", "scope": "lte", "trust": 1.0, "vendor": "oracle", "version": "16.2.11" }, { "model": "drupal", "scope": "gte", "trust": 1.0, "vendor": "drupal", "version": "8.8.0" }, { "model": "banking enterprise collections", "scope": "lte", "trust": 1.0, "vendor": "oracle", "version": "2.8.0" }, { "model": "communications services gatekeeper", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "7.0" }, { "model": "healthcare translational research", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "3.3.2" }, { "model": "banking platform", "scope": "gte", "trust": 1.0, "vendor": "oracle", "version": "2.4.0" }, { "model": "log correlation engine", "scope": "lt", "trust": 1.0, "vendor": "tenable", "version": "6.0.9" }, { "model": "h700e", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "h500e", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "financial services revenue management and billing analytics", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "2.7" }, { "model": "primavera gateway", "scope": "gte", "trust": 1.0, "vendor": "oracle", "version": "17.12.0" }, { "model": "h300e", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "communications session report manager", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "8.2.0" }, { "model": "rest data services", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "12.2.0.1" }, { "model": "weblogic server", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "14.1.1.0.0" }, { "model": "peoplesoft enterprise human capital management resources", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "9.2" }, { "model": "communications analytics", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "12.1.1" }, { "model": "h300s", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "communications session route manager", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "8.2.0" }, { "model": "weblogic server", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "12.2.1.4.0" }, { "model": "snapcenter server", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "communications operations monitor", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "3.4" }, { "model": "banking enterprise collections", "scope": "gte", "trust": 1.0, "vendor": "oracle", "version": "2.7.0" }, { "model": "drupal", "scope": "gte", "trust": 1.0, "vendor": "drupal", "version": "8.7.0" }, { "model": "h500s", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "h410c", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "financial services revenue management and billing analytics", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "2.8" }, { "model": "h700s", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "communications session report manager", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "8.1.1" }, { "model": "drupal", "scope": "lt", "trust": 1.0, "vendor": "drupal", "version": "8.7.14" }, { "model": "communications interactive session recorder", "scope": "gte", "trust": 1.0, "vendor": "oracle", "version": "6.1" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "debian", "version": "9.0" }, { "model": "business intelligence", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "5.9.0.0.0" }, { "model": "jd edwards enterpriseone orchestrator", "scope": "lt", "trust": 1.0, "vendor": "oracle", "version": "9.2.5.0" }, { "model": "healthcare translational research", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "3.4.0" }, { "model": "communications operations monitor", "scope": "lte", "trust": 1.0, "vendor": "oracle", "version": "4.3" }, { "model": "storagetek acsls", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "8.5.1" }, { "model": "oncommand system manager", "scope": "gte", "trust": 1.0, "vendor": "netapp", "version": "3.0" }, { "model": "jd edwards enterpriseone tools", "scope": "lt", "trust": 1.0, "vendor": "oracle", "version": "9.2.5.0" }, { "model": "fedora", "scope": "eq", "trust": 1.0, "vendor": "fedoraproject", "version": "31" }, { "model": "siebel mobile", "scope": "lte", "trust": 1.0, "vendor": "oracle", "version": "20.12" }, { "model": "healthcare translational research", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "3.2.1" }, { "model": "webcenter sites", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "12.2.1.3.0" }, { "model": "jquery", "scope": "gte", "trust": 1.0, "vendor": "jquery", "version": "1.0.3" }, { "model": "communications element manager", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "8.2.0" }, { "model": "application testing suite", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "13.3.0.1" }, { "model": "oncommand insight", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "application express", "scope": "lt", "trust": 1.0, "vendor": "oracle", "version": "20.2" }, { "model": "hitachi ops center common services", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "jquery", "scope": null, "trust": 0.8, "vendor": "jquery", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-005056" }, { "db": "NVD", "id": "CVE-2020-11023" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.5.0", "versionStartIncluding": "1.0.3", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "7.70", "versionStartIncluding": "7.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "8.7.14", "versionStartIncluding": "8.7.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "8.8.6", "versionStartIncluding": "8.8.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:hyperion_financial_reporting:11.1.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_interactive_session_recorder:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "6.4", "versionStartIncluding": "6.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:rest_data_services:18c:*:*:*:-:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:rest_data_services:19c:*:*:*:-:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "16.2.11", "versionStartIncluding": "16.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "17.12.7", "versionStartIncluding": "17.12.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:siebel_mobile:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "20.12", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_human_capital_management_resources:9.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_de_nederlandsche_bank:8.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.2.5.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:banking_enterprise_collections:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "2.8.0", "versionStartIncluding": "2.7.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.2.5.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "2.10.0", "versionStartIncluding": "2.4.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "19.12.4", "versionStartIncluding": "19.12.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "18.8.9", "versionStartIncluding": "18.8.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.3", "versionStartIncluding": "4.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_analytics:12.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:healthcare_translational_research:3.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:healthcare_translational_research:3.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:healthcare_translational_research:3.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:healthcare_translational_research:3.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:oss_support_tools:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.12.41", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:health_sciences_inform:6.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:business_intelligence:5.9.0.0.0:*:*:*:enterprise:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "16.4.0", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:storagetek_acsls:8.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:snapcenter_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "3.1.3", "versionStartIncluding": "3.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:max_data:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:tenable:log_correlation_engine:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "6.0.9", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2020-11023" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Red Hat", "sources": [ { "db": "PACKETSTORM", "id": "159852" }, { "db": "PACKETSTORM", "id": "168304" }, { "db": "PACKETSTORM", "id": "171213" }, { "db": "PACKETSTORM", "id": "171212" }, { "db": "PACKETSTORM", "id": "170821" }, { "db": "PACKETSTORM", "id": "170817" }, { "db": "CNNVD", "id": "CNNVD-202004-2420" } ], "trust": 1.2 }, "cve": "CVE-2020-11023", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "impactScore": 2.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "None", "baseScore": 4.3, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2020-11023", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "VHN-163560", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "exploitabilityScore": 2.8, "impactScore": 2.7, "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, { "attackComplexity": "HIGH", "attackVector": "NETWORK", "author": "security-advisories@github.com", "availabilityImpact": "NONE", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.6, "impactScore": 4.7, "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "None", "baseScore": 6.1, "baseSeverity": "Medium", "confidentialityImpact": "Low", "exploitabilityScore": null, "id": "CVE-2020-11023", "impactScore": null, "integrityImpact": "Low", "privilegesRequired": "None", "scope": "Changed", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2020-11023", "trust": 1.8, "value": "MEDIUM" }, { "author": "security-advisories@github.com", "id": "CVE-2020-11023", "trust": 1.0, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202004-2420", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-163560", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-163560" }, { "db": "JVNDB", "id": "JVNDB-2020-005056" }, { "db": "CNNVD", "id": "CNNVD-202004-2420" }, { "db": "NVD", "id": "CVE-2020-11023" }, { "db": "NVD", "id": "CVE-2020-11023" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing \u003coption\u003e elements from untrusted sources - even after sanitizing it - to one of jQuery\u0027s DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. jQuery Contains a cross-site scripting vulnerability.Information may be obtained and information may be tampered with. jQuery is an open source, cross-browser JavaScript library developed by American John Resig programmers. The library simplifies the operation between HTML and JavaScript, and has the characteristics of modularization and plug-in extension. The vulnerability stems from the lack of correct validation of client data in WEB applications. An attacker could exploit this vulnerability to execute client code. Summary:\n\nAn update for the pki-core:10.6 and pki-deps:10.6 modules is now available\nfor Red Hat Enterprise Linux 8. 8) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. Description:\n\nThe Public Key Infrastructure (PKI) Core contains fundamental packages\nrequired by Red Hat Certificate System. \n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.3 Release Notes linked from the References section. Bugs fixed (https://bugzilla.redhat.com/):\n\n1376706 - restore SerialNumber tag in caManualRenewal xml\n1399546 - CVE-2015-9251 jquery: Cross-site scripting via cross-domain ajax requests\n1406505 - KRA ECC installation failed with shared tomcat\n1601614 - CVE-2018-14040 bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute\n1601617 - CVE-2018-14042 bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip\n1666907 - CC: Enable AIA OCSP cert checking for entire cert chain\n1668097 - CVE-2016-10735 bootstrap: XSS in the data-target attribute\n1686454 - CVE-2019-8331 bootstrap: XSS in the tooltip or popover data-template attribute\n1695901 - CVE-2019-10179 pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA\u0027s DRM agent page in authorize recovery tab\n1701972 - CVE-2019-11358 jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection\n1706521 - CA - SubjectAltNameExtInput does not display text fields to the enrollment page\n1710171 - CVE-2019-10146 pki-core: Reflected XSS in \u0027path length\u0027 constraint field in CA\u0027s Agent page\n1721684 - Rebase pki-servlet-engine to 9.0.30\n1724433 - caTransportCert.cfg contains MD2/MD5withRSA as signingAlgsAllowed. \n1732565 - CVE-2019-10221 pki-core: Reflected XSS in getcookies?url= endpoint in CA\n1732981 - When nuxwdog is enabled pkidaemon status shows instances as stopped. \n1777579 - CVE-2020-1721 pki-core: KRA vulnerable to reflected XSS via the getPk12 page\n1805541 - [RFE] CA Certificate Transparency with Embedded Signed Certificate Time stamp\n1817247 - Upgrade to 10.8.3 breaks PKI Tomcat Server\n1821851 - [RFE] Provide SSLEngine via JSSProvider for use with PKI\n1822246 - JSS - NativeProxy never calls releaseNativeResources - Memory Leak\n1824939 - JSS: add RSA PSS support - RHEL 8.3\n1824948 - add RSA PSS support - RHEL 8.3\n1825998 - CertificatePoliciesExtDefault MAX_NUM_POLICIES hardcoded limit\n1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method\n1842734 - CVE-2019-10179 pki-core: pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA\u0027s DRM agent page in authorize recovery tab [rhel-8]\n1842736 - CVE-2019-10146 pki-core: Reflected Cross-Site Scripting in \u0027path length\u0027 constraint field in CA\u0027s Agent page [rhel-8]\n1843537 - Able to Perform PKI CLI operations like cert request and approval without nssdb password\n1845447 - pkispawn fails in FIPS mode: AJP connector has secretRequired=\"true\" but no secret\n1850004 - CVE-2020-11023 jquery: Passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution\n1854043 - /usr/bin/PrettyPrintCert is failing with a ClassNotFoundException\n1854959 - ca-profile-add with Netscape extensions nsCertSSLClient and nsCertEmail in the profile gets stuck in processing\n1855273 - CVE-2020-15720 pki: Dogtag\u0027s python client does not validate certificates\n1855319 - Not able to launch pkiconsole\n1856368 - kra-key-generate request is failing\n1857933 - CA Installation is failing with ncipher v12.30 HSM\n1861911 - pki cli ca-cert-request-approve hangs over crmf request from client-cert-request\n1869893 - Common certificates are missing in CS.cfg on shared PKI instance\n1871064 - replica install failing during pki-ca component configuration\n1873235 - pki ca-user-cert-add with secure port failed with \u0027SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT\u0027\n\n6. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Important: RHV Manager (ovirt-engine) [ovirt-4.5.2] bug fix and security update\nAdvisory ID: RHSA-2022:6393-01\nProduct: Red Hat Virtualization\nAdvisory URL: https://access.redhat.com/errata/RHSA-2022:6393\nIssue date: 2022-09-08\nCVE Names: CVE-2020-11022 CVE-2020-11023 CVE-2021-22096\n CVE-2021-23358 CVE-2022-2806 CVE-2022-31129\n====================================================================\n1. Summary:\n\nUpdated ovirt-engine packages that fix several bugs and add various\nenhancements are now available. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4 - noarch\n\n3. Description:\n\nThe ovirt-engine package provides the Red Hat Virtualization Manager, a\ncentralized management platform that allows system administrators to view\nand manage virtual machines. The Manager provides a comprehensive range of\nfeatures including search capabilities, resource management, live\nmigrations, and virtual infrastructure provisioning. \n\nSecurity Fix(es):\n\n* nodejs-underscore: Arbitrary code execution via the template function\n(CVE-2021-23358)\n\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter\nmethod (CVE-2020-11022)\n\n* jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM\nmanipulation methods (CVE-2020-11023)\n\n* ovirt-log-collector: RHVM admin password is logged unfiltered\n(CVE-2022-2806)\n\n* springframework: malicious input leads to insertion of additional log\nentries (CVE-2021-22096)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nBug Fix(es):\n\n* Previously, running engine-setup did not always renew OVN certificates\nclose to expiration or expired. With this release, OVN certificates are\nalways renewed by engine-setup when needed. (BZ#2097558)\n\n* Previously, the Manager issued warnings of approaching certificate\nexpiration before engine-setup could update certificates. In this release\nexpiration warnings and certificate update periods are aligned, and\ncertificates are updated as soon as expiration warnings occur. (BZ#2097725)\n\n* With this release, OVA export or import work on hosts with a non-standard\nSSH port. (BZ#2104939)\n\n* With this release, the certificate validity test is compatible with RHEL\n8 and RHEL 7 based hypervisors. (BZ#2107250)\n\n* RHV 4.4 SP1 and later are only supported on RHEL 8.6, customers cannot\nuse RHEL 8.7 or later, and must stay with RHEL 8.6 EUS. (BZ#2108985)\n\n* Previously, importing templates from the Administration Portal did not\nwork. With this release, importing templates from the Administration Portal\nis possible. (BZ#2109923)\n\n* ovirt-provider-ovn certificate expiration is checked along with other RHV\ncertificates. If ovirt-provider-ovn is about to expire or already expired,\na warning or alert is raised in the audit log. To renew the\novirt-provider-ovn certificate, administators must run engine-setup. If\nyour ovirt-provider-ovn certificate expires on a previous RHV version,\nupgrade to RHV 4.4 SP1 batch 2 or later, and ovirt-provider-ovn certificate\nwill be renewed automatically in the engine-setup. (BZ#2097560)\n\n* Previously, when importing a virtual machine with manual CPU pinning, the\nmanual pinning string was cleared, but the CPU pinning policy was not set\nto NONE. As a result, importing failed. In this release, the CPU pinning\npolicy is set to NONE if the CPU pinning string is cleared, and importing\nsucceeds. (BZ#2104115)\n\n* Previously, the Manager could start a virtual machine with a Resize and\nPin NUMA policy on a host without an equal number of physical sockets to\nNUMA nodes. As a result, wrong pinning was assigned to the policy. With\nthis release, the Manager does not allow the virtual machine to be\nscheduled on such a virtual machine, and the pinning is correct based on\nthe algorithm. (BZ#1955388)\n\n* Rebase package(s) to version: 4.4.7. \nHighlights, important fixes, or notable enhancements: fixed BZ#2081676\n(BZ#2104831)\n\n* In this release, rhv-log-collector-analyzer provides detailed output for\neach problematic image, including disk names, associated virtual machine,\nthe host running the virtual machine, snapshots, and current SPM. The\ndetailed view is now the default. The compact option can be set by using\nthe --compact switch in the command line. (BZ#2097536)\n\n* UnboundID LDAP SDK has been rebased on upstream version 6.0.4. See\nhttps://github.com/pingidentity/ldapsdk/releases for changes since version\n4.0.14 (BZ#2092478)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891\n\n5. \n1944286 - CVE-2021-23358 nodejs-underscore: Arbitrary code execution via the template function\n1955388 - Auto Pinning Policy only pins some of the vCPUs on a single NUMA host\n1974974 - Not possible to determine migration policy from the API, even though documentation reports that it can be done. \n2034584 - CVE-2021-22096 springframework: malicious input leads to insertion of additional log entries\n2080005 - CVE-2022-2806 ovirt-log-collector: RHVM admin password is logged unfiltered\n2092478 - Upgrade unboundid-ldapsdk to 6.0.4\n2094577 - rhv-image-discrepancies must ignore small disks created by OCP\n2097536 - [RFE] Add disk name and uuid to problems output\n2097558 - Renew ovirt-provider-ovn.cer certificates during engine-setup\n2097560 - Warning when ovsdb-server certificates are about to expire(OVN certificate)\n2097725 - Certificate Warn period and automatic renewal via engine-setup do not match\n2104115 - RHV 4.5 cannot import VMs with cpu pinning\n2104831 - Upgrade ovirt-log-collector to 4.4.7\n2104939 - Export OVA when using host with port other than 22\n2105075 - CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS\n2107250 - Upgrade of the host failed as the RHV 4.3 hypervisor is based on RHEL 7 with openssl 1.0.z, but RHV Manager 4.4 uses the openssl 1.1.z syntax\n2107267 - ovirt-log-collector doesn\u0027t generate database dump\n2108985 - RHV 4.4 SP1 EUS requires RHEL 8.6 EUS (RHEL 8.7+ releases are not supported on RHV 4.4 SP1 EUS)\n2109923 - Error when importing templates in Admin portal\n\n6. Package List:\n\nRHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4:\n\nSource:\novirt-engine-4.5.2.4-0.1.el8ev.src.rpm\novirt-engine-dwh-4.5.4-1.el8ev.src.rpm\novirt-engine-extension-aaa-ldap-1.4.6-1.el8ev.src.rpm\novirt-engine-ui-extensions-1.3.5-1.el8ev.src.rpm\novirt-log-collector-4.4.7-2.el8ev.src.rpm\novirt-web-ui-1.9.1-1.el8ev.src.rpm\nrhv-log-collector-analyzer-1.0.15-1.el8ev.src.rpm\nunboundid-ldapsdk-6.0.4-1.el8ev.src.rpm\nvdsm-jsonrpc-java-1.7.2-1.el8ev.src.rpm\n\nnoarch:\novirt-engine-4.5.2.4-0.1.el8ev.noarch.rpm\novirt-engine-backend-4.5.2.4-0.1.el8ev.noarch.rpm\novirt-engine-dbscripts-4.5.2.4-0.1.el8ev.noarch.rpm\novirt-engine-dwh-4.5.4-1.el8ev.noarch.rpm\novirt-engine-dwh-grafana-integration-setup-4.5.4-1.el8ev.noarch.rpm\novirt-engine-dwh-setup-4.5.4-1.el8ev.noarch.rpm\novirt-engine-extension-aaa-ldap-1.4.6-1.el8ev.noarch.rpm\novirt-engine-extension-aaa-ldap-setup-1.4.6-1.el8ev.noarch.rpm\novirt-engine-health-check-bundler-4.5.2.4-0.1.el8ev.noarch.rpm\novirt-engine-restapi-4.5.2.4-0.1.el8ev.noarch.rpm\novirt-engine-setup-4.5.2.4-0.1.el8ev.noarch.rpm\novirt-engine-setup-base-4.5.2.4-0.1.el8ev.noarch.rpm\novirt-engine-setup-plugin-cinderlib-4.5.2.4-0.1.el8ev.noarch.rpm\novirt-engine-setup-plugin-imageio-4.5.2.4-0.1.el8ev.noarch.rpm\novirt-engine-setup-plugin-ovirt-engine-4.5.2.4-0.1.el8ev.noarch.rpm\novirt-engine-setup-plugin-ovirt-engine-common-4.5.2.4-0.1.el8ev.noarch.rpm\novirt-engine-setup-plugin-vmconsole-proxy-helper-4.5.2.4-0.1.el8ev.noarch.rpm\novirt-engine-setup-plugin-websocket-proxy-4.5.2.4-0.1.el8ev.noarch.rpm\novirt-engine-tools-4.5.2.4-0.1.el8ev.noarch.rpm\novirt-engine-tools-backup-4.5.2.4-0.1.el8ev.noarch.rpm\novirt-engine-ui-extensions-1.3.5-1.el8ev.noarch.rpm\novirt-engine-vmconsole-proxy-helper-4.5.2.4-0.1.el8ev.noarch.rpm\novirt-engine-webadmin-portal-4.5.2.4-0.1.el8ev.noarch.rpm\novirt-engine-websocket-proxy-4.5.2.4-0.1.el8ev.noarch.rpm\novirt-log-collector-4.4.7-2.el8ev.noarch.rpm\novirt-web-ui-1.9.1-1.el8ev.noarch.rpm\npython3-ovirt-engine-lib-4.5.2.4-0.1.el8ev.noarch.rpm\nrhv-log-collector-analyzer-1.0.15-1.el8ev.noarch.rpm\nrhvm-4.5.2.4-0.1.el8ev.noarch.rpm\nunboundid-ldapsdk-6.0.4-1.el8ev.noarch.rpm\nunboundid-ldapsdk-javadoc-6.0.4-1.el8ev.noarch.rpm\nvdsm-jsonrpc-java-1.7.2-1.el8ev.noarch.rpm\nvdsm-jsonrpc-java-javadoc-1.7.2-1.el8ev.noarch.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2020-11022\nhttps://access.redhat.com/security/cve/CVE-2020-11023\nhttps://access.redhat.com/security/cve/CVE-2021-22096\nhttps://access.redhat.com/security/cve/CVE-2021-23358\nhttps://access.redhat.com/security/cve/CVE-2022-2806\nhttps://access.redhat.com/security/cve/CVE-2022-31129\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2022 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYxnqRtzjgjWX9erEAQiQOw//XOS172gkbNeuoMSW1IYiEpJG4zQIvT2J\nVvyizOMlQzpe49Bkopu1zj/e8yM1eXNIg1elPzA3280z7ruNb4fkeoXT7vM5mB/0\njRAr1ja9ZHnZmEW60X3WVhEBjEXCeOv5CWBgqzdQWSB7RpPqfMP7/4kHGFnCPZxu\nV/n+Z9YKoDxeiW19tuTdU5E5cFySVV8JZAlfXlrR1dz815Ugsm2AMk6uPwjQ2+C7\nUz3zLQLjRjxFk+qSph8NYbOZGnUkypWQG5KXPMyk/Cg3jewjMkjAhzgcTJAdolRC\nq3p9kD5KdWRe+3xzjy6B4IsSSqvEyHphwrRv8wgk0vIAawfgi76+jL7n/C07rdpA\nQg6zlDxmHDrZPC42dsW6dXJ1QefRQE5EzFFJcoycqvWdlRfXX6D1RZc5knSQb2iI\n3iSh+hVwxY9pzNZVMlwtDHhw8dqvgw7JimToy8vOldgK0MdndwtVmKsKsRzu7HyL\nPQSvcN5lSv1X5FR2tnx9LMQXX1qn0P1d/8gTiRFm8Oabjx2r8I0/HNgnJpTSVSBO\nDXjKFDmwpiT+6tupM39ZbWek2hh+PoyMZJb/d6/YTND6VNlzUypq+DFtLILEaM8Z\nOjWz0YAL8/ihvhq0vSdFSMFcYKSWAOXA+6pSqe7N7WtB9hl0r7sLUaRSRHti1Ime\nuF/GLDTKkPw=8zTJ\n-----END PGP SIGNATURE-----\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. Description:\n\nRed Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak\nproject, that provides authentication and standards-based single sign-on\ncapabilities for web and mobile applications. Description:\n\nRed Hat JBoss Enterprise Application Platform 7 is a platform for Java\napplications based on the WildFly application runtime. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. JIRA issues fixed (https://issues.jboss.org/):\n\nJBEAP-23864 - (7.4.z) Upgrade xmlsec from 2.1.7.redhat-00001 to 2.2.3.redhat-00001\nJBEAP-23865 - [GSS](7.4.z) Upgrade Apache CXF from 3.3.13.redhat-00001 to 3.4.10.redhat-00001\nJBEAP-23866 - (7.4.z) Upgrade wss4j from 2.2.7.redhat-00001 to 2.3.3.redhat-00001\nJBEAP-23926 - Tracker bug for the EAP 7.4.9 release for RHEL-7\nJBEAP-24055 - (7.4.z) Upgrade HAL from 3.3.15.Final-redhat-00001 to 3.3.16.Final-redhat-00001\nJBEAP-24081 - (7.4.z) Upgrade Elytron from 1.15.14.Final-redhat-00001 to 1.15.15.Final-redhat-00001\nJBEAP-24095 - (7.4.z) Upgrade elytron-web from 1.9.2.Final-redhat-00001 to 1.9.3.Final-redhat-00001\nJBEAP-24100 - [GSS](7.4.z) Upgrade Undertow from 2.2.20.SP1-redhat-00001 to 2.2.22.SP3-redhat-00001\nJBEAP-24127 - (7.4.z) UNDERTOW-2123 - Update AsyncContextImpl.dispatch to use proper value\nJBEAP-24128 - (7.4.z) Upgrade Hibernate Search from 5.10.7.Final-redhat-00001 to 5.10.13.Final-redhat-00001\nJBEAP-24132 - [GSS](7.4.z) Upgrade Ironjacamar from 1.5.3.SP2-redhat-00001 to 1.5.10.Final-redhat-00001\nJBEAP-24147 - (7.4.z) Upgrade jboss-ejb-client from 4.0.45.Final-redhat-00001 to 4.0.49.Final-redhat-00001\nJBEAP-24167 - (7.4.z) Upgrade WildFly Core from 15.0.19.Final-redhat-00001 to 15.0.21.Final-redhat-00002\nJBEAP-24191 - [GSS](7.4.z) Upgrade remoting from 5.0.26.SP1-redhat-00001 to 5.0.27.Final-redhat-00001\nJBEAP-24195 - [GSS](7.4.z) Upgrade JSF API from 3.0.0.SP06-redhat-00001 to 3.0.0.SP07-redhat-00001\nJBEAP-24207 - (7.4.z) Upgrade Soteria from 1.0.1.redhat-00002 to 1.0.1.redhat-00003\nJBEAP-24248 - (7.4.z) ELY-2492 - Upgrade sshd-common in Elytron from 2.7.0 to 2.9.2\nJBEAP-24426 - (7.4.z) Upgrade Elytron from 1.15.15.Final-redhat-00001 to 1.15.16.Final-redhat-00001\nJBEAP-24427 - (7.4.z) Upgrade WildFly Core from 15.0.21.Final-redhat-00002 to 15.0.22.Final-redhat-00001\n\n7", "sources": [ { "db": "NVD", "id": "CVE-2020-11023" }, { "db": "JVNDB", "id": "JVNDB-2020-005056" }, { "db": "VULHUB", "id": "VHN-163560" }, { "db": "PACKETSTORM", "id": "159852" }, { "db": "PACKETSTORM", "id": "168304" }, { "db": "PACKETSTORM", "id": "171213" }, { "db": "PACKETSTORM", "id": "171212" }, { "db": "PACKETSTORM", "id": "170821" }, { "db": "PACKETSTORM", "id": "170817" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2020-11023", "trust": 3.9 }, { "db": "PACKETSTORM", "id": "162160", "trust": 1.7 }, { "db": "TENABLE", "id": "TNS-2021-02", "trust": 1.7 }, { "db": "TENABLE", "id": "TNS-2021-10", "trust": 1.7 }, { "db": "PACKETSTORM", "id": "159852", "trust": 0.8 }, { "db": "PACKETSTORM", "id": "170821", "trust": 0.8 }, { "db": "PACKETSTORM", "id": "168304", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU99394498", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU94912830", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-21-306-01", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2020-005056", "trust": 0.8 }, { "db": "PACKETSTORM", "id": "170823", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "162651", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "160274", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "159275", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "161727", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "161830", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "158797", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "160548", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "164887", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "158750", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "159513", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "158555", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-202004-2420", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2020.2694", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.0620", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.0845", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.3823", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2020.4248", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2020.2714", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2020.3700", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2023.1351", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2020.2775", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.1066", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.1916", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2020.3485", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.3663", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.0909", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2020.1961", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2023.0583", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2023.1653", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2023.0585", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2020.1863", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.1519", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.0824", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2020.2375", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2020.3255", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.0923", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.1703", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.5150", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.2525", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2020.1804", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2020.3875", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2020.2660", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.1512", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2020.2660.3", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2020.4421", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2020.2287", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "158406", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "158282", "trust": 0.6 }, { "db": "NSFOCUS", "id": "48902", "trust": 0.6 }, { "db": "LENOVO", "id": "LEN-60182", "trust": 0.6 }, { "db": "EXPLOIT-DB", "id": "49767", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021110301", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022012403", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022022516", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021072824", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021052207", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022072027", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022011837", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021042101", "trust": 0.6 }, { "db": "ICS CERT", "id": "ICSA-22-097-01", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "171213", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "171212", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "170817", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "171214", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "170819", "trust": 0.1 }, { "db": "VULHUB", "id": "VHN-163560", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-163560" }, { "db": "JVNDB", "id": "JVNDB-2020-005056" }, { "db": "PACKETSTORM", "id": "159852" }, { "db": "PACKETSTORM", "id": "168304" }, { "db": "PACKETSTORM", "id": "171213" }, { "db": "PACKETSTORM", "id": "171212" }, { "db": "PACKETSTORM", "id": "170821" }, { "db": "PACKETSTORM", "id": "170817" }, { "db": "CNNVD", "id": "CNNVD-202004-2420" }, { "db": "NVD", "id": "CVE-2020-11023" } ] }, "id": "VAR-202004-2199", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-163560" } ], "trust": 0.01 }, "last_update_date": "2024-07-23T19:20:16.457000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "hitachi-sec-2020-130 Software product security information", "trust": 0.8, "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/" }, { "title": "jQuery Fixes for cross-site scripting vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=178501" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-005056" }, { "db": "CNNVD", "id": "CNNVD-202004-2420" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-79", "trust": 1.1 }, { "problemtype": "Cross-site scripting (CWE-79) [NVD Evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "VULHUB", "id": "VHN-163560" }, { "db": "JVNDB", "id": "JVNDB-2020-005056" }, { "db": "NVD", "id": "CVE-2020-11023" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "http://packetstormsecurity.com/files/162160/jquery-1.0.3-cross-site-scripting.html" }, { "trust": 2.3, "url": "https://www.oracle.com/security-alerts/cpuapr2021.html" }, { "trust": 2.3, "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "trust": 2.3, "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "trust": 2.0, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-11023" }, { "trust": 1.7, "url": "https://github.com/jquery/jquery/security/advisories/ghsa-jpcq-cgw6-v4j6" }, { "trust": 1.7, "url": "https://security.netapp.com/advisory/ntap-20200511-0006/" }, { "trust": 1.7, "url": "https://www.drupal.org/sa-core-2020-002" }, { "trust": 1.7, "url": "https://www.tenable.com/security/tns-2021-02" }, { "trust": 1.7, "url": "https://www.tenable.com/security/tns-2021-10" }, { "trust": 1.7, "url": "https://www.debian.org/security/2020/dsa-4693" }, { "trust": 1.7, "url": "https://security.gentoo.org/glsa/202007-03" }, { "trust": 1.7, "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released" }, { "trust": 1.7, "url": "https://jquery.com/upgrade-guide/3.5/" }, { "trust": 1.7, "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "trust": 1.7, "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "trust": 1.7, "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "trust": 1.7, "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "trust": 1.7, "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "trust": 1.7, "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "trust": 1.7, "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html" }, { "trust": 1.7, "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html" }, { "trust": 1.7, "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html" }, { "trust": 1.7, "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3cissues.flink.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb%40%3cissues.hive.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6%40%3cdev.felix.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec%40%3cissues.hive.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c%40%3cgitbox.hive.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330%40%3cdev.felix.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef%40%3cdev.felix.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3cissues.flink.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5%40%3cissues.hive.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16%40%3cdev.felix.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3cissues.flink.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494%40%3cdev.felix.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3cissues.flink.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1%40%3cissues.hive.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49%40%3cissues.hive.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3cissues.flink.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3cissues.flink.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c%40%3ccommits.felix.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15%40%3cissues.hive.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e%40%3cdev.felix.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac%40%3cgitbox.hive.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72%40%3cgitbox.hive.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c%40%3cgitbox.hive.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6%40%3cissues.hive.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9%40%3ccommits.hive.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea%40%3cissues.hive.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61%40%3cgitbox.hive.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7%40%3cissues.hive.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3cdev.flink.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9%40%3cissues.hive.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679%40%3ccommits.nifi.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3cissues.flink.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3cissues.flink.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3cissues.flink.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817%40%3cdev.felix.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93%40%3cgitbox.hive.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248%40%3cdev.hive.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/avkyxlwclzbv2n7m46kyk4lva5oxwpby/" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/qpn2l2xvqgua2v5hnqjwhk3apsk3vn7k/" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/sapqvx3xdnpgft26qaq6ajixzzbz4cd4/" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/sfp4uk4egp4afh2mwyj5a5z4i7xvfq6b/" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu99394498/" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu94912830/" }, { "trust": 0.8, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-306-01" }, { "trust": 0.7, "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/avkyxlwclzbv2n7m46kyk4lva5oxwpby/" }, { "trust": 0.7, "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/qpn2l2xvqgua2v5hnqjwhk3apsk3vn7k/" }, { "trust": 0.7, "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/sfp4uk4egp4afh2mwyj5a5z4i7xvfq6b/" }, { "trust": 0.7, "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/sapqvx3xdnpgft26qaq6ajixzzbz4cd4/" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c@%3ccommits.felix.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6@%3cdev.felix.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef@%3cdev.felix.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817@%3cdev.felix.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e@%3cdev.felix.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330@%3cdev.felix.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16@%3cdev.felix.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494@%3cdev.felix.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3cdev.flink.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3cissues.flink.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3cissues.flink.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3cissues.flink.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3cissues.flink.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3cissues.flink.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3cissues.flink.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3cissues.flink.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3cissues.flink.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3cissues.flink.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9@%3ccommits.hive.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248@%3cdev.hive.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c@%3cgitbox.hive.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72@%3cgitbox.hive.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61@%3cgitbox.hive.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93@%3cgitbox.hive.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac@%3cgitbox.hive.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c@%3cgitbox.hive.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec@%3cissues.hive.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15@%3cissues.hive.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49@%3cissues.hive.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7@%3cissues.hive.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9@%3cissues.hive.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea@%3cissues.hive.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5@%3cissues.hive.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6@%3cissues.hive.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb@%3cissues.hive.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1@%3cissues.hive.apache.org%3e" }, { "trust": 0.7, "url": "https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3ccommits.nifi.apache.org%3e" }, { "trust": 0.6, "url": "https://access.redhat.com/security/cve/cve-2020-11023" }, { "trust": 0.6, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-11022" }, { "trust": 0.6, "url": "https://bugzilla.redhat.com/):" }, { "trust": 0.6, "url": "https://access.redhat.com/security/cve/cve-2020-11022" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021110301" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/159513/red-hat-security-advisory-2020-4211-01.html" }, { "trust": 0.6, "url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-kenexa-lcms-premier-on-premise-all-jquery-publicly-disclosed-vulnerability-cve-2020-11023-cve-2020-11022/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.4248/" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022011837" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.3823" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.2287/" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/158797/red-hat-security-advisory-2020-3369-01.html" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/161727/red-hat-security-advisory-2021-0778-01.html" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/159275/red-hat-security-advisory-2020-3807-01.html" }, { "trust": 0.6, "url": "https://www.oracle.com/security-alerts/cpujul2021.html" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/161830/red-hat-security-advisory-2021-0860-01.html" }, { "trust": 0.6, "url": "https://www.exploit-db.com/exploits/49767" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/162651/red-hat-security-advisory-2021-1846-01.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.3875/" }, { "trust": 0.6, "url": "https://www.ibm.com/blogs/psirt/security-bulletin-jquery-vulnerabilities-affect-ibm-emptoris-strategic-supply-management-platform-cve-2020-11023-cve-2020-11022/" }, { "trust": 0.6, "url": "https://www.ibm.com/support/pages/node/6520510" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/158555/gentoo-linux-security-advisory-202007-03.html" }, { "trust": 0.6, "url": "https://www.ibm.com/blogs/psirt/security-bulletin-jquery-as-used-by-ibm-qradar-network-packet-capture-is-vulnerable-to-cross-site-scripting-xss-cve-2020-11023-cve-2020-11022/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2023.1653" }, { "trust": 0.6, "url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-siem-is-vulnerable-to-using-components-with-known-vulnerabilities-10/" }, { "trust": 0.6, "url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-siem-is-vulnerable-to-using-components-with-known-vulnerabilities-8/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.0923" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.2694/" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/158282/red-hat-security-advisory-2020-2813-01.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.2375/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.0845" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.2775/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.1066" }, { "trust": 0.6, "url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-jquery-affect-ibm-license-metric-tool-v9/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.5150" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/168304/red-hat-security-advisory-2022-6393-01.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.1804/" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/160274/red-hat-security-advisory-2020-5249-01.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.0824" }, { "trust": 0.6, "url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-verify-information-queue-uses-a-node-js-package-with-known-vulnerabilities-cve-2020-11023-cve-2020-11022/" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021042101" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.1961/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.1512" }, { "trust": 0.6, "url": "https://www.ibm.com/blogs/psirt/security-bulletin-cross-site-scripting-vulnerabilities-in-jquery-might-affect-ibm-business-automation-workflow-and-ibm-business-process-manager-bpm-cve-2020-7656-cve-2020-11022-cve-2020-11023-2/" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/48902" }, { "trust": 0.6, "url": "https://support.lenovo.com/us/en/product_security/len-60182" }, { "trust": 0.6, "url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilites-affect-ibm-jazz-foundation-and-ibm-engineering-products-5/" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022022516" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/158750/red-hat-security-advisory-2020-3247-01.html" }, { "trust": 0.6, "url": "https://www.ibm.com/blogs/psirt/security-bulletin-jquery-as-used-in-ibm-security-qradar-packet-capture-is-vulnerable-to-cross-site-scripting-xss-cve-2020-11023-cve-2020-11022/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.1703" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.2714/" }, { "trust": 0.6, "url": "https://www.ibm.com/support/pages/node/6525182" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/158406/red-hat-security-advisory-2020-2412-01.html" }, { "trust": 0.6, "url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-tivoli-netcool-impact-is-affected-by-jquery-vulnerabilities-cve-2020-11022-cve-2020-11023/" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/160548/red-hat-security-advisory-2020-5412-01.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.2660.3/" }, { "trust": 0.6, "url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connect-is-impacted-by-vulnerabilities-in-drupal-cve-2020-11022-cve-2020-11023/" }, { "trust": 0.6, "url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-kenexa-lms-on-premise-all-jquery-publicly-disclosed-vulnerability-cve-2020-11023-cve-2020-11022/" }, { "trust": 0.6, "url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-planning-analytics-workspace-is-affected-by-security-vulnerabilities-3/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.1863/" }, { "trust": 0.6, "url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connect-is-impacted-by-vulnerabilities-in-drupal-cve-2020-11022-cve-2020-11023-2/" }, { "trust": 0.6, "url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-jquery-fixed-in-mobile-foundation-cve-2020-11023-cve-2020-11022/" }, { "trust": 0.6, "url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-jquery-affect-ibm-wiotp-messagegateway-cve-2020-11023-cve-2020-11022/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.3700/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.1916" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.1519" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022072027" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.0909" }, { "trust": 0.6, "url": "https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-have-been-fixed-in-ibm-security-identity-manager-virtual-appliance/" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021052207" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/170821/red-hat-security-advisory-2023-0552-01.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2023.0585" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/159852/red-hat-security-advisory-2020-4847-01.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.2525" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.2660/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.4421/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.0620" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2023.1351" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2023.0583" }, { "trust": 0.6, "url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-license-key-server-administration-and-reporting-tool-is-impacted-by-multiple-vulnerabilities-in-jquery-bootstrap-and-angularjs/" }, { "trust": 0.6, "url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerability-issues-affect-ibm-spectrum-symphony-7-3-1/" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022012403" }, { "trust": 0.6, "url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-jquery-spring-dom4j-mongodb-linux-kernel-targetcli-fb-jackson-node-js-and-apache-commons-affect-ibm-spectrum-protect-plus/" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021072824" }, { "trust": 0.6, "url": "https://www.ibm.com/blogs/psirt/security-bulletin-cross-site-scripting-vulnerabilities-in-jquery-might-affect-ibm-business-automation-workflow-and-ibm-business-process-manager-bpm-cve-2020-7656-cve-2020-11022-cve-2020-11023/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.3663" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-097-01" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.3255/" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/164887/red-hat-security-advisory-2021-4142-02.html" }, { "trust": 0.6, "url": "https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerability-has-been-identified-in-bigfix-platform-shipped-with-ibm-license-metric-tool-2/" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/170823/red-hat-security-advisory-2023-0553-01.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.3485/" }, { "trust": 0.5, "url": "https://access.redhat.com/security/cve/cve-2018-14042" }, { "trust": 0.5, "url": "https://access.redhat.com/security/cve/cve-2018-14040" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-14042" }, { "trust": 0.5, "url": "https://access.redhat.com/articles/11258" }, { "trust": 0.5, "url": "https://access.redhat.com/security/cve/cve-2019-11358" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11358" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-14040" }, { "trust": 0.5, "url": "https://access.redhat.com/security/updates/classification/#important" }, { "trust": 0.5, "url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.4, "url": "https://access.redhat.com/security/team/key/" }, { "trust": 0.4, "url": "https://access.redhat.com/security/cve/cve-2022-40150" }, { "trust": 0.4, "url": "https://access.redhat.com/security/cve/cve-2022-40149" }, { "trust": 0.4, "url": "https://access.redhat.com/security/cve/cve-2022-45047" }, { "trust": 0.4, "url": "https://access.redhat.com/security/cve/cve-2022-46364" }, { "trust": 0.4, "url": "https://access.redhat.com/security/cve/cve-2022-42004" }, { "trust": 0.4, "url": "https://access.redhat.com/security/cve/cve-2022-45693" }, { "trust": 0.4, "url": "https://access.redhat.com/security/cve/cve-2022-42003" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2015-9251" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2019-8331" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-10735" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-9251" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2016-10735" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8331" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2022-31129" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-31129" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-38750" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-1471" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1438" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-3916" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-25857" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-46175" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-35065" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-44906" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2021-44906" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2023-0091" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-24785" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-3782" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-2764" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2764" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-4137" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-46363" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1471" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2023-0264" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-38751" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-1274" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-37603" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-38749" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2021-35065" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-1438" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-25857" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-24785" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1274" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-3143" }, { "trust": 0.2, "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/" }, { "trust": 0.2, "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-14041" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-40150" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18214" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-40152" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-40149" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-40152" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2018-14041" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2017-18214" }, { "trust": 0.2, "url": "https://issues.jboss.org/):" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-3143" }, { "trust": 0.1, "url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1721" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-10146" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10221" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-1721" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-15720" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-15720" }, { "trust": 0.1, "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10146" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-10179" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10179" }, { "trust": 0.1, "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-10221" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2020:4847" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-22096" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2022:6393" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-22096" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-23358" }, { "trust": 0.1, "url": "https://github.com/pingidentity/ldapsdk/releases" }, { "trust": 0.1, "url": "https://access.redhat.com/articles/2974891" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2806" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-23358" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-2806" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-2237" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2023:1049" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2237" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2023:1043" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2023:0552" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2023:0556" }, { "trust": 0.1, "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=securitypatches\u0026product=appplatform\u0026version=7.4" } ], "sources": [ { "db": "VULHUB", "id": "VHN-163560" }, { "db": "JVNDB", "id": "JVNDB-2020-005056" }, { "db": "PACKETSTORM", "id": "159852" }, { "db": "PACKETSTORM", "id": "168304" }, { "db": "PACKETSTORM", "id": "171213" }, { "db": "PACKETSTORM", "id": "171212" }, { "db": "PACKETSTORM", "id": "170821" }, { "db": "PACKETSTORM", "id": "170817" }, { "db": "CNNVD", "id": "CNNVD-202004-2420" }, { "db": "NVD", "id": "CVE-2020-11023" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-163560" }, { "db": "JVNDB", "id": "JVNDB-2020-005056" }, { "db": "PACKETSTORM", "id": "159852" }, { "db": "PACKETSTORM", "id": "168304" }, { "db": "PACKETSTORM", "id": "171213" }, { "db": "PACKETSTORM", "id": "171212" }, { "db": "PACKETSTORM", "id": "170821" }, { "db": "PACKETSTORM", "id": "170817" }, { "db": "CNNVD", "id": "CNNVD-202004-2420" }, { "db": "NVD", "id": "CVE-2020-11023" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-04-29T00:00:00", "db": "VULHUB", "id": "VHN-163560" }, { "date": "2020-06-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-005056" }, { "date": "2020-11-04T15:29:15", "db": "PACKETSTORM", "id": "159852" }, { "date": "2022-09-08T14:41:25", "db": "PACKETSTORM", "id": "168304" }, { "date": "2023-03-02T15:19:28", "db": "PACKETSTORM", "id": "171213" }, { "date": "2023-03-02T15:19:19", "db": "PACKETSTORM", "id": "171212" }, { "date": "2023-01-31T17:21:40", "db": "PACKETSTORM", "id": "170821" }, { "date": "2023-01-31T17:16:43", "db": "PACKETSTORM", "id": "170817" }, { "date": "2020-04-29T00:00:00", "db": "CNNVD", "id": "CNNVD-202004-2420" }, { "date": "2020-04-29T21:15:11.743000", "db": "NVD", "id": "CVE-2020-11023" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-02-03T00:00:00", "db": "VULHUB", "id": "VHN-163560" }, { "date": "2022-02-16T03:20:00", "db": "JVNDB", "id": "JVNDB-2020-005056" }, { "date": "2023-03-21T00:00:00", "db": "CNNVD", "id": "CNNVD-202004-2420" }, { "date": "2023-11-07T03:14:27.553000", "db": "NVD", "id": "CVE-2020-11023" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202004-2420" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "jQuery\u00a0 Cross-site Scripting Vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-005056" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "XSS", "sources": [ { "db": "CNNVD", "id": "CNNVD-202004-2420" } ], "trust": 0.6 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.